Probably simple setup for routing

odevans · 01-30-2006, 01:19 AM

Have you seen the (IMO excellent) ProjectFiles firewall script?

You can get if from http://projectfiles.com/firewall (get the latest 'prerelease' version 2.0rc10 - the "installer" installs and old version 1.1). It sounds like all you'd need to do is edit it to define your "external" (wlan0) and "internal" (eth0) interfaces, chmod +x it and drop it into /etc/rc.d. It's very flexible and the script contains very lucid notes on how to configure it.

cwwilson721 · 01-30-2006, 01:38 AM

Quote:

Originally Posted by uselpa

I asked you to post your routing tables, that would help.

Where would I find them?

The only thing I've added is this script to rc.local:

Code:

iptables --table nat --append POSTROUTING --out-interface wlan0 -j MASQUERADE
iptables --append FORWARD --in-interface eth0 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward

Also:

Quote:

odevans Have you seen the (IMO excellent) ProjectFiles firewall script?

You can get if from http://projectfiles.com/firewall (get the latest 'prerelease' version 2.0rc10 - the "installer" installs and old version 1.1). It sounds like all you'd need to do is edit it to define your "external" (wlan0) and "internal" (eth0) interfaces, chmod +x it and drop it into /etc/rc.d. It's very flexible and the script contains very lucid notes on how to configure it.

I tried that, but due to my network topography, available here
I don't beleive that will work. My wlan0 interface is not really an out interface. If you see what I mean, it's only the "out" interface for this building.

Any other ideas?

uselpa · 01-30-2006, 01:59 AM

Quote:

Originally Posted by cwwilson721

Where would I find them?

As I said, "netstat -r" or "route".

cwwilson721 · 01-30-2006, 02:10 AM

Output of netstat -r:

Code:

$ netstat -r
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
localnet        *               255.255.255.0   U         0 0          0 eth0
localnet        *               255.255.255.0   U         0 0          0 wlan0
loopback        *               255.0.0.0       U         0 0          0 lo
default         router          0.0.0.0         UG        0 0          0 wlan0
default         router          0.0.0.0         UG        0 0          0 eth0

uselpa · 01-30-2006, 02:15 AM

I asked for the routes on the other machines, i.e. those who do not have the wlan interface.
But these also look weird.

Sorry to insist, but you really should read the answers you get, otherwise people will give up. I do at this point.

cwwilson721 · 01-30-2006, 02:16 AM

It just "seems" that whenever I try to use a local net address in firefox, it only uses the eth0 interface (Building 2), and uses the wlan0 only for internet, so no access to building 1.

Can ping to building 1, but only if I specify the wlan0 interface.

cwwilson721 · 01-30-2006, 02:21 AM

Quote:

Originally Posted by uselpa

I asked for the routes on the other machines, i.e. those who do not have the wlan interface.
But these also look weird.

Sorry to insist, but you really should read the answers you get, otherwise people will give up. I do at this point.

You asked for netstat -r, you got it. You never asked for other machines. Being that they are XP boxes, that won't work.

If you read my posts, you would know that all the other machines are XP boxes, and they have no problems. This is the only box that cannot access Building 1 (Can ping, cannot connect thru web interface)

Once more, my network setup is here.

uselpa · 01-30-2006, 01:44 PM

Never mind.
BTW, "route print" works well on Windows boxes.