LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 07-18-2001, 09:39 AM   #1
solinari
LQ Newbie
 
Registered: Jul 2001
Distribution: redhat 7.1
Posts: 2

Rep: Reputation: 0
configuring a router without IP masq


I'm trying to build a router out of an old computer and redhat 7.1. I absolutely cannot use IP masq.

I have a block of real IP addresses to use in my lab. I want to connect these using ethernet to a hub, which will be connected to my redhat router. This router will be connected by token ring to the site LAN. My router can access the internet just fine and my lab clients can even ping my token ring card IP address, but they can not ping outside beyond that. I know there is a similar thread on the board already, but that one is leaning towards IP masq and, again, it is imperative that I do not use such a thing. The equipment is sensitive and gets messed up when we try that.

So, I'm not sure exactly where to begin. Originally I had thought I should use network configurator, go to the routing tab and add a new line. I made the device eth0. In the network address field, I put the network address of the lab/ethernet block of IPs. In the netmask field, i put the netmask of the lab/ethernet block of IPs. I'm not sure what should be the gateway, though. I tried to put the token ring card IP as the gateway but that did not work.

First of all, is Network Configurator even the place to set up the router? I also tried the route command.

Any help would be greatly appreciated! Just please don't mention IP masq. You have no idea how frustrating its been for me in my search for help, since that is all anyone seems to talk about! :-P

Oh yeah, I am beginning to wonder if maybe my firewall is causing me problems. I have the standard Medium level firewall that is automatically installed by redhat during server installation.

I just read a little bit about IPtables and IPchains. Could they be the source of my problem (I have not altered them in any way, that i know of).

thanks again!
 
Old 07-18-2001, 12:28 PM   #2
d3funct
Member
 
Registered: Jun 2001
Location: Centralia, WA
Posts: 274

Rep: Reputation: 31
Just to make sure the default "medium" firewall provided by the distro is not your problem remove it. Type "setup" you will get a menu, go to "Firewall configuration" and check "No Firewall", and quit. Do "iptables -L" if iptables has not been configured it should only return the default policies or nothing. Once you've verified you have no firewall active check your routes with "netstat -rn". Make sure you can ping your machines, try telnetting also to ensure communication. Once you've verified communication and routing, ping from inside your network to a machine outside your network from your router to ensure the router is getting out ok. Then configure a firewall WITHOUT IP_MASQ, but with IP_FORWARDing. Check out www.boingworld.com they have an excellent iptables tutorial. You might also look into Webmin for an easy system administration interface www.webmin.com. Hope this helps :-)
 
Old 07-18-2001, 01:14 PM   #3
solinari
LQ Newbie
 
Registered: Jul 2001
Distribution: redhat 7.1
Posts: 2

Original Poster
Rep: Reputation: 0
ok, when I type

iptables -L

it gives me the following error:

/lib/modules/2.4.2-2/kernel/net/ipv4/netfilter/ip_tables.o: init_module: Device or resource busy
Hint: insmod errors can be caused by incorrect module parameters, including invalid IO or IRQ parameters
/lib/modules/2.4.2-2/kernel/net/ipv4/netfilter/ip_tables.o: insmod /lib/modules/2.4.2-2/kernel/net/ipv4/netfilter/ip_tables.o failed
/lib/modules/2.4.2-2/kernel/net/ipv4/netfilter/ip_tables.o: insmod ip_tables failed
iptables v1.2.1a: can't initialize iptables table `filter': iptables who? (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.


errrr... I am not all that good at linux (obviously). I tried to type

insmod -V iptables

but it told me that no module by that name was found. However when I type

iptables -V

it tells me it is running "iptables v1.2.1a" so what gives? This is a brand new install of redhat, so I don't know how my kernel or iptables could possibly need upgrading.... but stranger things have happened i guess. Am I doing something wrong?
 
Old 07-18-2001, 02:45 PM   #4
d3funct
Member
 
Registered: Jun 2001
Location: Centralia, WA
Posts: 274

Rep: Reputation: 31
Is iptables compiled? It has to be compiled along with quite a few other modules that it requires to work properly. To run the pure basics you need to configure the following options into the kernel:

CONFIG_PACKET
CONFIG_NETFILTER

And since you're recompiling the kernel might as well add the more advanced options so you can use them as you learn:

CONFIG_IP_NF_CONNTRACK
CONFIG_IP_NF_FTP
CONFIG_IP_NF_IPTABLES
CONFIG_IP_NF_MATCH_LIMIT
CONFIG_IP_NF_MATCH_MAC
CONFIG_IP_NF_MATCH_MARK
CONFIG_IP_NF_MATCH_MULTIPORT
CONFIG_IP_NF_MATCH_TOS
CONFIG_IP_NF_MATCH_STATE
CONFIG_IP_NF_MATCH_UNCLEAN
CONFIG_IP_NF_MATCH_OWNER
CONFIG_IP_NF_FILTER
CONFIG_IP_NF_TARGET_REJECT
CONFIG_IP_NF_TARGET_MIRROR
CONFIG_IP_NF_NAT
CONFIG_IP_NF_NAT_NEEDED
CONFIG_IP_NF_TARGET_MASQUERADE
CONFIG_IP_NF_TARGET_REDIRECT
CONFIG_IP_NF_NAT_FTP

Of course you can leave IP_Masquerade out since you don't want to use it. If it's not compiled into the kernel or as a module it won't exist and won't be used.
 
Old 09-25-2001, 03:12 PM   #5
bjordan
LQ Newbie
 
Registered: Sep 2001
Posts: 2

Rep: Reputation: 0
You need to remove the ipchains module from the default RH 7.1 install.

#rmmod ipchains

Then iptables should work fine.

You will want to remove the ipchains module from your /etc/rcX.d
scripts.

cheers,
bjordan
 
Old 01-23-2002, 06:17 PM   #6
jeffyboy
LQ Newbie
 
Registered: Jan 2002
Posts: 1

Rep: Reputation: 0
Talking Thank you bjordan !

This was the info I was looking for all day. Thank you, Thank you and (if I didn't mention) THANK YOU as your valuable info has saved me a pile of frustration ![COLOR=blue]
 
Old 01-24-2002, 10:16 AM   #7
bjordan
LQ Newbie
 
Registered: Sep 2001
Posts: 2

Rep: Reputation: 0
You're Welcome,

Glad to see the info helped someone.

Cheers,
bjordan
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
configuring it as a router ftp, my sql,web server, and open and close ports with masq digitalf Mandriva 1 09-04-2004 05:43 AM
configuring and freebsd router tandre *BSD 2 12-11-2003 04:25 AM
MASQ VPN to VPN Router hakcenter Linux - Networking 0 06-26-2003 05:14 PM
firewall script run at boot -> no masq, rerun manually -> masq worx Griffon26 Linux - Networking 2 06-24-2002 04:17 AM
ip-masq, router problems-i'm stuck ncstate74 Linux - Networking 4 05-19-2001 06:12 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 03:18 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration