Here's my Network Config - Why can't I share Internet?
Ok guys... I'm not sure why this is giving me so much trouble, but here is everything... If you have any idea why my Client machine can't get to the Internet, please post!!! I feel like I've tried everything!
Client runs Win2k, set up to accept dhcp address, gateway statically set to 192.168.69.1 (eth1) eth0 - obtains dynamic ip from cable modem eth1 - hands out local ip address to client machine ifconfig on Linux server: Code:
eth0 Link encap:Ethernet HWaddr 00:40:05:7A:F0:30 Code:
#dhcpd.conf Code:
NETWORKING=yes Code:
Chain INPUT (policy ACCEPT) ipconfig from client looks like this: Connection-specific DNS Suffix : kc.rr.com IP Address : 192.168.69.10 Subnet Mask : 255.255.255.0 Default Gateway : 192.168.69.1 Notes: Client is able to ping both eth0 and eth1, server can ping client. Client can NOT ping ww.yahoo.com or it's ip address 216.109.125.78 I've also tried some other major sites... as well as cannot open IE to browse a site. Again, DHCP works fine, server can hit the net just fine, all that is wrong is the client cannot seem to get through the internet connection of the server. I'll plan to lock down the input on iptables after i can get this to work.... Please help if you have any idea! I'm so confused!! :confused: :confused: Thanks in advance!! Aaron (KowCiller) |
You need to set up forwarding rules with NAT. With blank iptables like that, the linux machine doesn't have anything it needs to do with the packets sent from the clients. If you are not comfortable with writing an iptables ruleset, then I highly recommend using "Shorewall" to set up the firewall. You can use the configuration examples off the website www.shorewall.net and have it working in minutes.
I run shorewall/iptables on half a dozen firewalls and it works awesome ... Good luck |
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
service iptables save thats to get it working. then if you really want to get into firewalling, reply ill give ya a firewall setup then try: ping yahoo.com not www.yahoo.com :-P |
In addition to setting up iptables, do this...
# cat /proc/sys/net/ipv4/ip_forward If it says "0", type this: # echo 1 > /proc/sys/net/ipv4/ip_forward after setting up iptables like hakcenter said, do that and you should be all set. Hope that helps! Chris |
Guys,
Thanks to all of you that have replied. However, I'm still having problems. I did as the hakcenter and chris suggested, entered those commands, yet still i cannot seem to get any forwarding? when i do an iptables --list, I still get the same "blank" configuration there, even after trying those commands... is that correct? However, this is what I see when I do a 'more' on /etc/sysconfig/iptables Code:
# Generated by iptables-save v1.2.5 on Tue Jul 8 21:01:12 2003 When I try the route command, I get the following: Code:
Kernel IP routing table I know that packets are getting to the linux box though, I can see on the ifconfig command the received packets going up as I try to ping sites... Unfortunately on the client I keep getting "unknown host" for everything I try... :confused: :confused: Aaron. |
I CAN'T BELIEVE IT BUT I ACTUALLY GOT IT TO WORK......
SORT OF! So get this... I was messing around reading some other posts, and I noticed someone talk about a resolv.conf file. I'm a total n00b (as I'm sure you've figured out) so I was poking around in there and it looked like those were some nameserver ip addresses that got resolved from my isp. Well my linux box was using them fine, but they were NOT getting transferred over to my client pc through DHCP and I'm not sure why. When i statically typed in the a couple IP addresses from my resolv.conf into my client PC's preferred and alternate DNS servers, I got the internet to be shared to the client!!! So now the question is, what do I need to change on my dhcpd.conf ( you can see the current version on the original post ) so that the dhcpd can dynamically give that information to my client? Now that I mention that does it sound like a legit reason why I would be having so much trouble? Is there anything else I need to make sure that I do? THANKS FOR ALL THE HELP!!!!!! Aaron. |
well, you could always just install named, and set your dhcp clients to use the dns off the eth1 device...
its the way to go for 100% internal support :) i thought it was fine, you just wernt dns resolving, heh edit /etc/systcl.conf to make sure ipv4 forwarding stays enabled, set to 1 |
Agreed. Install BIND (DNS) and have DHCP use it. Actually... Lemme look something up, and I will get right back to you...
Ok, back again... Are you running named? If you are, make sure you have the following line in dhcpd.conf ddns-update-style interim; Try that. Chris Also, what version of DHCP are you using? |
Guys,
Thanks again for the replies. I'm not sure what version of dhcp I'm running... whatever comes with Redhat LInux 7.3. I'm also not sure how to check the version of it either.... it doesn't seem to have a version flag to check (at least that I could find..) I'll do some reading to figure out how to set up BIND. Any suggestions of how to get dhcp to use the BIND configuration after I get it set up? Actually, I'm open to any suggestions period, so let me know if there's anything that I should keep in mind. Thanks a heap! Aaron. P.S. Oh yeah, almost forgot to mention that I do not have named installed and I'm not running it. Is this something that I need to get ahold of? |
Yeah, you do need to install bind (named). Go to Red Hat's website and download the RPM for bind. As a matter of fact, to find out what version of dhcp you have, you should probably be able to run:
# rpm -qa | grep dhcp That might tell you what version of dhcp you have. Install Bind, then we can work on it from there. Chris |
All times are GMT -5. The time now is 04:20 PM. |