LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 03-29-2015, 07:11 PM   #1
djgerbavore
Member
 
Registered: Jun 2004
Location: PA
Distribution: Fedora (latest git kernel)
Posts: 458

Rep: Reputation: 30
IP Masquerading on Fedora 21 using Firewalld


I'm trying to setup my fedora machine as a router so my raspberry pi can access the internet. I know I can do this using iptables syntax but I'm trying to use the new firewalld syntax.

My setup is, I have a wireless connection that has access to the internet called wlp0s26u1u4 and I have a raspberry pi connected directly to my machine via ethernet on interface called em1.

My fedora machine has a static ip address em1 set to 10.10.2.1 and on my raspberry pi I have a static ip set to 10.10.2.100 and the default gateway set to 10.10.2.1.

I can ping my fedora machine from my pi just fine, but I'm unable to get my machine to forward from one interface to another.

Also I set the resolv.conf nameserver to google's public DNS (8.8.8.8) on my raspberry pi.

I checked and ipv4 forwarding is turned on:
Code:
# cat /proc/sys/net/ipv4/ip_forward
1
I added the following firewalld rule:
Code:
firewall-cmd --direct --add-rule ipv4 filter FORWARD 0 -i ens4 -o eth1 -j ACCEPT
However when I ping google.com from the pi I still get unknown host google.com

Doing a tcpdump I see the packet(s) come across on both the em1 (wired) connection and wireless connection (wlp0s26u1u4). However the response seem to be getting dropped on the wireless (wlp0s26u1u4) interface. Because on the tcpdump of interface wlp0s26u1u4 i'm seeing dropped packets:
Code:
2 packets captured
2 packets received by filter
0 packets dropped by kernel
2 packets dropped by interface
My question is what am I missing so I can do ip masquerading on fedora 21 so my pi can access the internet.

Thanks,

Gerb
 
Old 03-30-2015, 02:40 PM   #2
lazydog
Senior Member
 
Registered: Dec 2003
Location: The Key Stone State
Distribution: CentOS Sabayon and now Gentoo
Posts: 1,249
Blog Entries: 3

Rep: Reputation: 194Reputation: 194
I know nothing about the new firewall so I disabled it and run iptables.

The following might be able to help you Get Started Firewalld

Here is a F18 Tutorial

Last edited by lazydog; 03-30-2015 at 02:44 PM.
 
1 members found this post helpful.
Old 03-31-2015, 09:24 AM   #3
djgerbavore
Member
 
Registered: Jun 2004
Location: PA
Distribution: Fedora (latest git kernel)
Posts: 458

Original Poster
Rep: Reputation: 30
Thanks, that want I did in the meantime.

I read the Tutorial and Get Started Firewalld document a few times but for some reason it still not working. Maybe I'm in the wrong "zone" or something.
 
Old 04-01-2015, 10:48 AM   #4
djgerbavore
Member
 
Registered: Jun 2004
Location: PA
Distribution: Fedora (latest git kernel)
Posts: 458

Original Poster
Rep: Reputation: 30
After banging my head on this for a while, I finally got it working. My issue was I was running custom kernel with none of the NAT/Masquerade functionality. Once included those kernel modules everything started to work.

I feel silly but I'm glad I got it working. Firewalld doesn't error out like iptables when a module is not found.

Thanks,
 
Old 04-01-2015, 07:56 PM   #5
lazydog
Senior Member
 
Registered: Dec 2003
Location: The Key Stone State
Distribution: CentOS Sabayon and now Gentoo
Posts: 1,249
Blog Entries: 3

Rep: Reputation: 194Reputation: 194
Good for you!!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Fedora 18 firewalld specify source ip vonedaddy Fedora 2 06-18-2013 12:49 AM
LXer: Fedora 18 and Firewalld LXer Syndicated Linux News 0 09-20-2012 05:50 AM
how firewallD start on startup in fedora 17 - System Security Services Demon fails 100201 Fedora 1 07-12-2012 04:15 AM
[SOLVED] firewalld status? (Fedora gurus might know this) serafean Linux - Software 3 12-07-2011 02:02 AM
Fedora 5 / IP Masquerading / Opening Ports zuele Linux - Networking 11 11-01-2006 11:08 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 06:00 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration