LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Home Forums HCL Reviews Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 09-24-2007, 11:35 AM   #1
xyrer
LQ Newbie
 
Registered: Feb 2007
Posts: 13

Rep: Reputation: 0
Configuring IP forwarding through ubuntu


Hi, I am trying to do almost the same thing, I have squid working all right, but I haven't been able to do telnet routing (or whatever it's called), this is what the ubuntu server has:

sudo iptables -nvL :
Code:
Chain INPUT (policy ACCEPT 637K packets, 76M bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 LOG        tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:23 LOG flags 0 level 4 

Chain FORWARD (policy ACCEPT 2 packets, 120 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 254K packets, 56M bytes)
 pkts bytes target     prot opt in     out     source               destination
sudo iptables --list :
Code:
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
LOG        tcp  --  anywhere             anywhere            tcp dpt:telnet LOG level warning 

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
cat /proc/sys/net/ipv4/ip_forward :
Code:
1
sudo iptables -t nat -nvL :
Code:
Chain PREROUTING (policy ACCEPT 429K packets, 55M bytes)
 pkts bytes target     prot opt in     out     source               destination         
   18  1080 DNAT       tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0           tcp dpt:23 to:192.168.1.1:23 

Chain POSTROUTING (policy ACCEPT 1276 packets, 280K bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 1275 packets, 280K bytes)
 pkts bytes target     prot opt in     out     source               destination
ifconfig :
Code:
eth0      Link encap:Ethernet  HWaddr 00:02:A5:EB:00:8E  
          inet addr:192.168.15.36  Bcast:192.168.15.255  Mask:255.255.255.0
          inet6 addr: fe80::202:a5ff:feeb:8e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2398628 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1061787 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:222454190 (212.1 MiB)  TX bytes:503312432 (479.9 MiB)

eth0:0    Link encap:Ethernet  HWaddr 00:02:A5:EB:00:8E  
          inet addr:192.168.1.158  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

eth1      Link encap:Ethernet  HWaddr 00:60:97:D7:4F:27  
          inet addr:<public_ip>  Bcast:<public_ip_broadcast>  Mask:255.255.255.240
          inet6 addr: fe80::260:97ff:fed7:4f27/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2835646 errors:0 dropped:0 overruns:0 frame:0
          TX packets:239778 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:655739450 (625.3 MiB)  TX bytes:27267344 (26.0 MiB)
          Interrupt:16 Base address:0x2040 

eth2      Link encap:Ethernet  HWaddr 00:01:03:BF:BE:85  
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:1 frame:0
          TX packets:1 errors:0 dropped:0 overruns:0 carrier:1
          collisions:0 txqueuelen:1000 
          RX bytes:64 (64.0 b)  TX bytes:60 (60.0 b)
          Interrupt:17 Base address:0x6f80 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:17291 errors:0 dropped:0 overruns:0 frame:0
          TX packets:17291 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:14849894 (14.1 MiB)  TX bytes:14849894 (14.1 MiB)
ping -c3 linuxquestions.org :
Code:
PING linuxquestions.org (64.179.4.146) 56(84) bytes of data.
64 bytes from web2.linuxquestions.org (64.179.4.146): icmp_seq=1 ttl=44 time=127 ms
64 bytes from web2.linuxquestions.org (64.179.4.146): icmp_seq=2 ttl=44 time=127 ms
64 bytes from web2.linuxquestions.org (64.179.4.146): icmp_seq=3 ttl=44 time=127 ms

--- linuxquestions.org ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 3434ms
rtt min/avg/max/mdev = 127.108/127.260/127.535/0.194 ms
ping -c3 192.168.15.5 :
Code:
PING 192.168.15.5 (192.168.15.5) 56(84) bytes of data.
64 bytes from 192.168.15.5: icmp_seq=1 ttl=128 time=0.449 ms
64 bytes from 192.168.15.5: icmp_seq=2 ttl=128 time=1.28 ms
64 bytes from 192.168.15.5: icmp_seq=3 ttl=128 time=1.29 ms

--- 192.168.15.5 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.449/1.010/1.298/0.397 ms
and when i do telnet from another machine, nothing happens, i did :
Code:
sudo iptables -A INPUT -j LOG --log-level 4 -p tcp --dport 23
tail -f /var/log/messages
and still it doesn't log messages, I know it must be something I did wrong because I did it on another machine and the same happens, telnet doesn't work.

Please help me, someone, I have been working on this a week and still haven't figured it out.

Last edited by xyrer; 09-24-2007 at 11:39 AM.
 
Old 09-24-2007, 06:48 PM   #2
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 377Reputation: 377Reputation: 377Reputation: 377
@xyrer: Since this box is the router, you wouldn't see the packet on the INPUT chain. You'd see it on the FORWARD chain. Also, it seems obvious you are trying to do something quite different from the OP, as you are DNATing and he is just SNATing. IMHO your question deserves its own thread, and I've asked this forum's moderators if they could do that (my powers are limited to the Security forum).
 
Old 09-24-2007, 07:23 PM   #3
xyrer
LQ Newbie
 
Registered: Feb 2007
Posts: 13

Original Poster
Rep: Reputation: 0
well, I asked a few days ago but I had no response so far, maybe you could shed a little light about this matter? I have been trying this for more than a week now.
Thanks.
 
Old 09-25-2007, 03:41 AM   #4
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976
i've split this thread out, but from what i can see you've not asked this before. you had some question sabout squid, but this isn't a squid question in any way.

you also decided to answer a question that has been unanswered for 4 years... i'd not recommend doing that, it gets very messy.
 
Old 09-26-2007, 10:24 AM   #5
xyrer
LQ Newbie
 
Registered: Feb 2007
Posts: 13

Original Poster
Rep: Reputation: 0
Thanks, it's just that in Windows the forwarding is being done by the wingate proxy, so I thought it was squid's job to do that also, I hope I can find the answer I am looking for here.
 
Old 09-26-2007, 12:29 PM   #6
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976
well do you want routing / forwarding or do you want proxying? what is the end game? what do you want / need to provide to the userbase?
 
Old 09-27-2007, 09:27 AM   #7
xyrer
LQ Newbie
 
Registered: Feb 2007
Posts: 13

Original Poster
Rep: Reputation: 0
Smile

Hi, I resolved it last night thanks to howtoforge.com, as I thought, it was a mistake caused by my ignorance on this subject. Routing, forwarding and nat require a single ethernet card, no aliases, I was trying to forward telnet traffic from eth0 to eth0:0.

I found that I had to get another ethernet card for the output, now I have 3 ethernet cards on the server, 1 for public ip, 1 for the general subnet and another for the unix server subnet.

Now everything works just fine, if I just knew this before...


Well, I'm grateful with everyone who has tried to answer to this, and I hope anyone else who's in my situation, read this and realizes the problem.

Thanks to everyone.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Configuring sendmail for mail forwarding to server Yalla-One Slackware 16 11-02-2007 07:27 PM
Ip Forwarding... UBUNTU Edgy keiai03 Linux - Networking 2 03-13-2007 10:53 PM
Ubuntu 6.10 - IP forwarding zoshr Linux - Networking 2 03-12-2007 07:37 AM
Some difficulty configuring port-forwarding through Linksys router eventide Linux - Networking 9 03-03-2005 02:04 PM
Configuring port forwarding on D-Link router Gormless Linux - Networking 1 10-28-2004 08:29 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 05:53 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration