Router + Iptables

saman · 02-01-2008, 08:46 PM

Here I have problem which I am unable to solve it alone hence I post this article on linuxquestions.
anyone can help will be glad and appreciated.

ISP ------* ISDN modem/Router * --- switch1 -- eth0 * DNS/ DHCP Server* eth1 --- switch2 ------ * Local Area Network / Wifi Broadcasting *

RHEL4 :
eth1 IP: 192.168.1.5 DNS (mycompany.com)
GW: 192.168.1.1

eth0 IP:192.168.0.10
GW:192.168.0.1

DNS & DHCP is working fine.

#/etc/named.conf
.
.
forwarder first;
forwarder { 103.130.0.1 } (Example ISP IP address)
.
.
.

(testing)
If I plug in cable into switch1 (windows XP Prof)
Static IP : 192.168.1.10
GW : 192.168.1.1
DNS : 103.130.0.1 (ISP IP Address)

work fine and I can surf internet
but with RHEL4 server I can't surf or ping internet!

Here below are the RHEL4 setting

#/etc/sysconfig/network
networking=yes
Hostname='comp1.mycompany.com'
Domainname='mycompany.com'
GATEWAY=192.168.1.1
GATEWAYDEV=eth0

#/etc/sysctl.conf
net.ipv4.ip_forward = 1

the iptables setting:
#/etc/sysconfig/iptables
iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to-source 192.168.1.5

# /etc/resolv.conf
search mycomp1.mycomputer.com
nameserver 192.168.1.5

etc]#/sbin/route
Kernel IP routing table
Destination Gateway Genmask Flag Metric Ref Use Iface
192.168.1.0 * 255.255.255.0 U 0 0 0 eth1
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
169.254.0.0 * 255.255.255.0 U 0 0 0 eth1
default 192.168.1.1 0.0.0.0 UG 0 0 0 eth1

Anyone can help?

Brian1 · 02-02-2008, 09:56 AM

Did not know you ever responded to back in this post previously on the subject.
http://www.linuxquestions.org/questi...at-box-608800/
Plus the same questioned ask multiple times here over the past 3 months.
http://www.linuxquestions.org/questi...tables-607528/
http://www.linuxquestions.org/questi...tables-598536/
http://www.linuxquestions.org/questi...tables-598537/

What might help is explain the goal a bit better. Again I see alot of debian stuff added and you are using a RHEL4 distro. Setup is quite different between the two.

If I understand this you want a simply firewall/gateway router. Letting network traffic bound to the internet on the eth1 side through to the eth0 side to the internet. Then the return data responce from the internet to eth0 through to eth1 back to the orginal lan machine making the request.

Let me know if this is the main first goal. If so the I can provide info on making a simply router under a Redhat type distro.

I would repost the asked info asked in response number 2 from this post I asked to see what changes have taken place since about 2 months ago. http://www.linuxquestions.org/questi...at-box-608800/

Based on the old responses the ifcfg-eth0 and ifcfg-eth1 you do not define the gateway in eth0 which is the one connected to the internet side. Then you have defined the gateway in eth1 which you say is the lan side. Do not define a gateway on the lan side, just the wan eth0 side.

Take it one step at a time and first get simply masquerading working then you can enable other server options and open ports for them.

Brian