How do I turn my main box into a router?

jlturbos · 03-06-2004, 10:33 AM

LinuxQuestions.org rules, but I never seem to get alot of help on networking. The worst part is, networking is my weakest subject. So, a huge appreciation goes out to anyone who can help!

I have 2 boxes.
I have cable internet.
I have 2 nic's in the main box.
I have one nic in the 2nd box.
The main runs mandrake 9.2.
The 2nd runs slackware 9.1.
They are connected by a crossover cable. "slack eth0 >>> mandy eth1 >>> mandy eth0 >>> internet"
I can ping from each box to the other and mount nfs filesystems on each.
The main box goes online quite easily with dhcp thru eth0.
I CANNOT ping the internet with an ip or a name from the 2nd box (slack).
I have disabled all firewalls.

My setup is quite simple. Main box (mandy) connects to internet with eth0. Main box connects to 2nd box (slack) with eth1. 2nd box (slack) has only eth0 connected with patch (crossover) cable to main (mandy).

-------------------------------------------------------------------------
SLACK FILES AND ROUTING INFO:
/etc/hosts/
127.0.0.1 localhost.localdomain localhost
192.168.1.1 mandrake.home.org mandrake
192.168.1.2 slackware.home.org slackware

/etc/resolv.conf
nameserver 192.168.1.1

# ifconfig
eth0 Link encap:Ethernet HWaddr 00:20:AF

B

D:28
inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2120 errors:0 dropped:0 overruns:0 frame:0
TX packets:114 errors:0 dropped:0 overruns:0 carrier:1
collisions:0 txqueuelen:100
RX bytes:264953 (258.7 Kb) TX bytes:4788 (4.6 Kb)
Interrupt:10 Base address:0x300

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1035 errors:0 dropped:0 overruns:0 frame:0
TX packets:1035 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:70419 (68.7 Kb) TX bytes:70419 (68.7 Kb)

# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
------------------------------------------------------------------------

------------------------------------------------------------------------
MANDY FILES AND ROUTING INFO:
/etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.1.1 mandrake.home.org mandrake
192.168.1.2 slackware.home.org slackware

/etc/resolv.conf
search bflony.adelphia.net local
nameserver 127.0.0.1
nameserver 68.168.224.165
nameserver 68.168.224.162

# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0A:E6:3B:82:87
inet addr:24.50.126.45 Bcast:24.50.126.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:128079 errors:0 dropped:0 overruns:0 frame:0
TX packets:6603 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:11606982 (11.0 Mb) TX bytes:832446 (812.9 Kb)
Interrupt:5 Base address:0xd800

eth1 Link encap:Ethernet HWaddr 00:80:29:65

C:BF
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:1529 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 b) TX bytes:189022 (184.5 Kb)
Interrupt:11 Base address:0xf000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1035 errors:0 dropped:0 overruns:0 frame:0
TX packets:1035 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:70419 (68.7 Kb) TX bytes:70419 (68.7 Kb)

# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
24.50.126.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 24.50.126.1 0.0.0.0 UG 0 0 0 eth0
-------------------------------------------------------------------------

So the BIG question is. How do I turn the main (mandrake) box into a router?

JL

pheron · 03-06-2004, 11:26 AM

I've just turned my SuSE machine into a router/gateway, using this guide
http://www.linuxforum.com/linux_tutorials/5/1.php
and also this http://www.linuxforum.com/linux_tutorials/6/1.php
...
(found them here, http://www.linuxforum.com/linux_tutorials/24/1.php)

Good luck!

win32sux · 03-06-2004, 12:17 PM

you could install shorewall on the mandrake box... shorewall is included in the mandrake distro but it's best to use the latest official version from the shorewall website... there's some decent documentation on the site also... shorewall is text-based, but it's very, very simple, really...

http://www.shorewall.net/

if you don't wanna use the official rpm from the site, then you could probably install shorewall on the mandrake box as easily as:

urpmi shorewall

if you want a more graphical utility, try firestarter:

http://firestarter.sourceforge.net/

you can also just use a good customizable iptables script, which you can easily generate online using something like this:

http://easyfwgen.morizot.net/gen/

needless to say, the essence to all of this stuff is iptables:

http://www.linuxguruz.com/iptables/

bnice · 03-06-2004, 12:42 PM

summary of links submitted by pheron

Code:

#slack setup

route add default gw 192.168.1.1

Code:

#mandy setup script starts here, save where ever mandy keeps it's startup scripts & make executable

#!/bin/sh

IPTABLES=/sbin/iptables

#All The lines below are NAT routing

# flush any old rules
$IPTABLES -F -t nat

# turn on NAT (IP masquerading for outgoing packets)
$IPTABLES -A POSTROUTING -t nat -o eth0 -j MASQUERADE

# enable IP forwarding (of incoming packets)
echo 1 > /proc/sys/net/ipv4/ip_forward

jlturbos · 03-07-2004, 12:21 PM

Great news. It worked!
My main problem was the nameservers in /etc/resolv.conf
I added the cable internet providers nameservers to the 2nd (slack) box.

I also followed the howto's and created a firewall script and it works great.

Thank you everyone!

JL