LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 01-06-2005, 10:52 AM   #1
Hitty
Member
 
Registered: Jan 2005
Distribution: Ubuntu: Breezy & Dapper
Posts: 33

Rep: Reputation: 15
linux gateway help


I have a Windows computer (192.168.0.1) using internet connection sharing which gives an internet connection to my linux pc (ubuntu, 192.168.0.2).



i have added a second network card to my linux pc and wish to attach a windows pc to it and use my linux pc as a gateway (so the second windows pc can get an internet connection from me)



it is not possible to connect the second windows computer into a hub along with the linux box so that they both connect via the hub to the windows gateway because the hub is currently full with the rest of the computers on my network

how do i do this? please help

im a linux n00b, if that helps you not confuse me with technical words
 
Old 01-06-2005, 10:56 AM   #2
eantoranz
Senior Member
 
Registered: Apr 2003
Location: Costa Rica
Distribution: Kubuntu, Debian, Knoppix
Posts: 2,092
Blog Entries: 1

Rep: Reputation: 90
You have to enable forwarding in the linux box... and masquerade traffic comming out from the linux box.
 
Old 01-06-2005, 10:57 AM   #3
Hitty
Member
 
Registered: Jan 2005
Distribution: Ubuntu: Breezy & Dapper
Posts: 33

Original Poster
Rep: Reputation: 15
how do i do that?
 
Old 01-06-2005, 11:02 AM   #4
eantoranz
Senior Member
 
Registered: Apr 2003
Location: Costa Rica
Distribution: Kubuntu, Debian, Knoppix
Posts: 2,092
Blog Entries: 1

Rep: Reputation: 90
Enable forwarding:
Code:
echo 1 > /proc/sys/net/ipv4/ip_forward
Masquerading:
Code:
iptables -t nat -A POSTROUTING -j MASQUERADE
The iptables rule is too simplistic in this case... you might need a more fine-tuned rule... but for matters of testing.... that will do the trick.

There are other things to consider.... what is the FORWARD policy of the linux box? You can see the forward policy and rules with:

Code:
iptables -L FORWARD
 
Old 01-06-2005, 11:54 AM   #5
Hitty
Member
 
Registered: Jan 2005
Distribution: Ubuntu: Breezy & Dapper
Posts: 33

Original Poster
Rep: Reputation: 15
ok i did that

what ip address should i use for the second nic and what settings (ip gateway) should i use on the windows pc?
 
Old 01-06-2005, 11:58 AM   #6
eantoranz
Senior Member
 
Registered: Apr 2003
Location: Costa Rica
Distribution: Kubuntu, Debian, Knoppix
Posts: 2,092
Blog Entries: 1

Rep: Reputation: 90
say another private network segment... for example:

linux: 192.168.1.1
windows: 192.168.1.2, gateway: 192.168.1.1 ()

Having set that, you should be able to ping to the lan on the router side of the linux box... and you should be able to get internet access... or at least, the same you have on the router side of your lan.
 
Old 01-06-2005, 12:28 PM   #7
Hitty
Member
 
Registered: Jan 2005
Distribution: Ubuntu: Breezy & Dapper
Posts: 33

Original Poster
Rep: Reputation: 15
done that

i can ping 192.168.1.1 but i cant get the net
 
Old 01-06-2005, 12:33 PM   #8
eantoranz
Senior Member
 
Registered: Apr 2003
Location: Costa Rica
Distribution: Kubuntu, Debian, Knoppix
Posts: 2,092
Blog Entries: 1

Rep: Reputation: 90
How about the computers in the 192.168.0.x segment? Can you ping them?
 
Old 01-06-2005, 12:35 PM   #9
Hitty
Member
 
Registered: Jan 2005
Distribution: Ubuntu: Breezy & Dapper
Posts: 33

Original Poster
Rep: Reputation: 15
nope

i try to ping 192.168.0.2 and i get:

Reply from 192.168.1.1: Destination host unreachable


i tried 192.168.0.1 (my router) and it just kept timing out
 
Old 01-06-2005, 12:44 PM   #10
eantoranz
Senior Member
 
Registered: Apr 2003
Location: Costa Rica
Distribution: Kubuntu, Debian, Knoppix
Posts: 2,092
Blog Entries: 1

Rep: Reputation: 90
Forwarding is not working.... because it's not letting you ping the interface on the other side of the linux pc.

Copy here the output of these commands:
Code:
iptables -t nat -L -v
iptables -L -v
cat /proc/sys/net/ipv4/ip_forward
 
Old 01-06-2005, 12:48 PM   #11
eantoranz
Senior Member
 
Registered: Apr 2003
Location: Costa Rica
Distribution: Kubuntu, Debian, Knoppix
Posts: 2,092
Blog Entries: 1

Rep: Reputation: 90
Take a look at this thread... here's the main points. Perhaps I'm not being clear enough:
http://www.linuxquestions.org/questi...hreadid=274625
 
Old 01-06-2005, 12:49 PM   #12
Hitty
Member
 
Registered: Jan 2005
Distribution: Ubuntu: Breezy & Dapper
Posts: 33

Original Poster
Rep: Reputation: 15
hitetsu@WhiteNinj4:~ $ sudo iptables -t nat -L -v
Password:
Chain PREROUTING (policy ACCEPT 29 packets, 3940 bytes)
pkts bytes target prot opt in out source destination
29 3940 gforward all -- any any anywhere anywhere

Chain POSTROUTING (policy ACCEPT 582 packets, 34920 bytes)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE all -- any any anywhere anywhere MARK match 0x1
1062 63754 fromprivate all -- any any 192.168.0.0/16 anywhere
0 0 fromprivate all -- any any 172.16.0.0/12 anywhere
0 0 fromprivate all -- any any 10.0.0.0/8 anywhere

Chain OUTPUT (policy ACCEPT 1642 packets, 98554 bytes)
pkts bytes target prot opt in out source destination
1642 98554 gforward all -- any any anywhere anywhere

Chain fromprivate (3 references)
pkts bytes target prot opt in out source destination
6 360 ACCEPT all -- any any anywhere 192.168.0.0/ 16
0 0 ACCEPT all -- any any anywhere 172.16.0.0/1 2
0 0 ACCEPT all -- any any anywhere 10.0.0.0/8
1056 63394 MASQUERADE all -- any any anywhere anywhere

Chain ftolocal (2 references)
pkts bytes target prot opt in out source destination

Chain gforward (2 references)
pkts bytes target prot opt in out source destination
0 0 ftolocal all -- any any anywhere 192.168.0.4
582 34920 ftolocal all -- any any anywhere localhost.lo caldomain





hitetsu@WhiteNinj4:~ $ sudo iptables -L -v
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
178K 23M ACCEPT all -- lo any anywhere anywhere
0 0 LOG all -- !lo any 127.0.0.0/8 anywhere LOG level warning
0 0 DROP all -- !lo any 127.0.0.0/8 anywhere
12 3960 ACCEPT all -- eth0 any anywhere 255.255.255.255
288 32183 ACCEPT all -- eth0 any 192.168.1.0/24 anywhere
0 0 ACCEPT !tcp -- eth0 any anywhere BASE-ADDRESS.MCAST.NET/4
0 0 LOG all -- eth1 any 192.168.1.0/24 anywhere LOG level warning
0 0 DROP all -- eth1 any 192.168.1.0/24 anywhere
4 1312 ACCEPT all -- eth1 any anywhere 255.255.255.255
24603 25M ACCEPT all -- eth1 any anywhere 192.168.0.4
50 8949 ACCEPT all -- eth1 any anywhere 192.168.0.255
0 0 LOG all -- any any anywhere anywhere LOG level warning
0 0 DROP all -- any any anywhere anywhere

Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
43 2660 ACCEPT all -- eth0 eth1 192.168.1.0/24 anywhere
0 0 ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED
0 0 LOG all -- any eth1 anywhere 192.168.1.0/24 LOG level warning
0 0 DROP all -- any eth1 anywhere 192.168.1.0/24
0 0 LOG all -- any any anywhere anywhere LOG level warning
0 0 DROP all -- any any anywhere anywhere

Chain OUTPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
178K 23M ACCEPT all -- any lo anywhere anywhere
0 0 ACCEPT all -- any eth0 anywhere 255.255.255.255
55 4472 ACCEPT all -- any eth0 anywhere 192.168.1.0/24
0 0 ACCEPT !tcp -- any eth0 anywhere BASE-ADDRESS.MCAST.NET/4
0 0 LOG all -- any eth1 anywhere 192.168.1.0/24 LOG level warning
0 0 DROP all -- any eth1 anywhere 192.168.1.0/24
0 0 ACCEPT all -- any eth1 anywhere 255.255.255.255
23308 2666K ACCEPT all -- any eth1 192.168.0.4 anywhere
0 0 ACCEPT all -- any eth1 192.168.0.255 anywhere
0 0 LOG all -- any any anywhere anywhere LOG level warning
0 0 DROP all -- any any anywhere anywhere



hitetsu@WhiteNinj4:~ $ sudo cat /proc/sys/net/ipv4/ip_forward
1




i did it, and thats what i got
 
Old 01-06-2005, 12:55 PM   #13
eantoranz
Senior Member
 
Registered: Apr 2003
Location: Costa Rica
Distribution: Kubuntu, Debian, Knoppix
Posts: 2,092
Blog Entries: 1

Rep: Reputation: 90
Give this a shot: Change the forward policy. Make it ACCEPT.

iptables -P FORWARD ACCEPT
 
Old 01-06-2005, 12:55 PM   #14
eantoranz
Senior Member
 
Registered: Apr 2003
Location: Costa Rica
Distribution: Kubuntu, Debian, Knoppix
Posts: 2,092
Blog Entries: 1

Rep: Reputation: 90
and read the thread I gave you the URL of.
 
Old 01-06-2005, 01:00 PM   #15
Hitty
Member
 
Registered: Jan 2005
Distribution: Ubuntu: Breezy & Dapper
Posts: 33

Original Poster
Rep: Reputation: 15
i had a look at that url, but it doesnt solve my problem =/

i can ping 192.168.1.1 still, but still cant ping 192.168.0.2 =/

i get the same error
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Linux Gateway barleykorn Linux - Networking 1 10-21-2005 05:25 PM
Odd problem: Gateway unreachable after certain amount of time (Win XP Gateway) SocialEngineer Linux - Networking 2 08-13-2004 12:54 AM
Linux as a gateway to xp??? mikejbrod Linux - Networking 4 10-18-2003 11:25 PM
Linux Gateway Help tweakedout Linux - Networking 1 04-13-2003 04:08 AM
Linux Gateway Fusion07 Linux - Networking 3 08-12-2002 12:39 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 11:01 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration