How to connect a netbook via cable via PC via UMTS-stick to the internet

JZL240I-U · 05-13-2015, 11:15 AM

Silly question for old hands in networking, I know. I'm new, though. So, this is the setup:

netbook with openSUSE 13.2 / KDE and networkmanager
connection with ethernet cable to
PC with openSUSE 13.2 / KDE and networkmanager
UMTS-stick in a port of the PC
internet

I want to browse the internet on the netbook utilizing the UMTS-stick in the PC. I can now copy files / access data on both machines using dolphin and the sftp protocol, i.e. both machines have a private IP-address and "know" the other one (as far as it goes).

What do I have to do to access the internet from the netbook? That is, how to make the PC pass the packets to the stick and lastly the net? Would the PC act as a router / gateway? What input needs networkmanager? Any tips, hints, pointers or links will be highly appreciated

.

sam.pedraglio · 05-14-2015, 02:43 AM

I think the PC should act as gateway that means you need to set its IP as the gateway address on the notebook.
Another step should be to create a couple of rules on the PC firewall to allow traffic from/to the notebook, if you use a firewall on the pc of course.

frankbell · 05-14-2015, 08:28 PM

This article from the Arch wiki might be helpful: https://wiki.archlinux.org/index.php/Router

sam.pedraglio · 05-15-2015, 03:25 AM

I think this link should be more interesting respect to the existing network setup:

https://wiki.archlinux.org/index.php/Internet_sharing

JZL240I-U · 05-16-2015, 12:03 PM

Thanks to both of you, I'll see what I can achieve with your pointers. Internet connectivity is abysmal right now, sorry when I report only sporadically, I'll be back with results when and as soon as I can.

JZL240I-U · 05-28-2015, 11:26 AM

I used the link sam.pedraglio provided, since my setup is like this:

Code:

netbook <-> cable <-> PC <-> mobile-internet (UMTS-stick)

These were the commands I used (as advised in the Arch-Wiki):

Code:

root@PC # ip link set up dev enp3s0
root@PC # ip addr add 192.168.2.100/24 dev enp3s0       

root@PC # sysctl -a |grep forward
net.ipv4.conf.all.forwarding = 0
net.ipv4.conf.all.mc_forwarding = 0
net.ipv4.conf.default.forwarding = 0
net.ipv4.conf.default.mc_forwarding = 0
net.ipv4.conf.enp3s0.forwarding = 0
net.ipv4.conf.enp3s0.mc_forwarding = 0
net.ipv4.conf.lo.forwarding = 0
net.ipv4.conf.lo.mc_forwarding = 0
net.ipv4.conf.ppp0.forwarding = 0
net.ipv4.conf.ppp0.mc_forwarding = 0
net.ipv4.ip_forward = 0
net.ipv4.ip_forward_use_pmtu = 0
net.ipv6.conf.all.forwarding = 0
net.ipv6.conf.default.forwarding = 0
net.ipv6.conf.enp3s0.forwarding = 0
net.ipv6.conf.lo.forwarding = 0
net.ipv6.conf.ppp0.forwarding = 0

root@PC # sysctl net.ipv4.ip_forward=1
net.ipv4.ip_forward = 1

root@PC # sysctl -a |grep forward     
net.ipv4.conf.all.forwarding = 1
net.ipv4.conf.all.mc_forwarding = 0
net.ipv4.conf.default.forwarding = 1
net.ipv4.conf.default.mc_forwarding = 0
net.ipv4.conf.enp3s0.forwarding = 1
net.ipv4.conf.enp3s0.mc_forwarding = 0
net.ipv4.conf.lo.forwarding = 1
net.ipv4.conf.lo.mc_forwarding = 0
net.ipv4.conf.ppp0.forwarding = 1
net.ipv4.conf.ppp0.mc_forwarding = 0
net.ipv4.ip_forward = 1
net.ipv4.ip_forward_use_pmtu = 0
net.ipv6.conf.all.forwarding = 0
net.ipv6.conf.default.forwarding = 0
net.ipv6.conf.enp3s0.forwarding = 0
net.ipv6.conf.lo.forwarding = 0
net.ipv6.conf.ppp0.forwarding = 0

root@PC # iptables -t nat -A POSTROUTING -o internet0 -j MASQUERADE
root@PC # iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
root@PC # iptables -A FORWARD -i enp3s0 -o ppp0 -j ACCEPT            

root@PC # iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere             ctstate ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere             ctstate RELATED
input_ext  all  --  anywhere             anywhere            
LOG        all  --  anywhere             anywhere             limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix "SFW2-IN-ILL-TARGET "
DROP       all  --  anywhere             anywhere            

Chain FORWARD (policy DROP)
target     prot opt source               destination         
LOG        all  --  anywhere             anywhere             limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix "SFW2-FWD-ILL-ROUTING "
ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere            

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            

Chain forward_ext (0 references)
target     prot opt source               destination         

Chain input_ext (1 references)
target     prot opt source               destination         
DROP       all  --  anywhere             anywhere             PKTTYPE = broadcast
ACCEPT     icmp --  anywhere             anywhere             icmp source-quench
ACCEPT     icmp --  anywhere             anywhere             icmp echo-request
LOG        tcp  --  anywhere             anywhere             limit: avg 3/min burst 5 tcp dpt:ssh flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix "SFW2-INext-ACC-TCP "
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh
DROP       all  --  anywhere             anywhere             PKTTYPE = multicast
DROP       all  --  anywhere             anywhere             PKTTYPE = broadcast
LOG        tcp  --  anywhere             anywhere             limit: avg 3/min burst 5 tcp flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix "SFW2-INext-DROP-DEFLT "
LOG        icmp --  anywhere             anywhere             limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix "SFW2-INext-DROP-DEFLT "
LOG        udp  --  anywhere             anywhere             limit: avg 3/min burst 5 ctstate NEW LOG level warning tcp-options ip-options prefix "SFW2-INext-DROP-DEFLT "
DROP       all  --  anywhere             anywhere            

Chain reject_func (0 references)
target     prot opt source               destination         
REJECT     tcp  --  anywhere             anywhere             reject-with tcp-reset
REJECT     udp  --  anywhere             anywhere             reject-with icmp-port-unreachable
REJECT     all  --  anywhere             anywhere             reject-with icmp-proto-unreachable

Please note that the output of "iptables -L" doesn't show the three added lines?!? As far as I know this is the standard set up of openSUSE's firewall.

Lastly I added the ip on the client (netbook).

Code:

# ip addr add 192.168.2.101/24 dev enp6s0
# ip link set up dev enp6s0
# ip route add default via 192.168.123.100 dev enp3s0   # same address as in the beginning

and got: "RTNETLINK answers: Network is unreachable."

Umm. How to diagnose the problem? Is the NAT-ing problem resolved as I understand the linked bug report or have I omitted something here? Thanks for any pointers.

P.S.: I created also /etc/sysctl.d/30-ipforward.conf as required for a reboot.

Ratamahatta · 06-02-2015, 05:34 PM

Silly remark here: You did make sure the "ethernet cable" is a cross cable, right?

JZL240I-U · 06-03-2015, 02:59 AM

No, I didn't. I know it works because I use it for file transfers between the machines, see also http://www.linuxquestions.org/questi...el-4175541126/.

As far as I know modern hardware for ethernet detects the type of cable and uses their protocols accordingly so cross cables are not anymore necessary.

michaelk · 06-03-2015, 06:58 AM

Looks like you did not change the example commands in the guide to match your network configuration. Your basic networking is already configured so just need to add the NAT rules on the PC and add DNS server to the netbook's resolv.conf file.

iptables -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -t nat -I POSTROUTING -o ppp0 -j MASQUERADE

The netbook
ip route del default
ip route add default via 192.168.2.100

Add nameserver 8.8.8.8 to /etc/resolv.conf

JZL240I-U · 06-03-2015, 11:45 AM

Okay, I gave the iptables commands on the PC. Again, no trace in "iptables -L":

Code:

iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere             ctstate ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere             ctstate RELATED
input_ext  all  --  anywhere             anywhere            
LOG        all  --  anywhere             anywhere             limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix "SFW2-IN-ILL-TARGET "
DROP       all  --  anywhere             anywhere            

Chain FORWARD (policy DROP)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
LOG        all  --  anywhere             anywhere             limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix "SFW2-FWD-ILL-ROUTING "

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            

Chain forward_ext (0 references)
target     prot opt source               destination         

Chain input_ext (1 references)
target     prot opt source               destination         
DROP       all  --  anywhere             anywhere             PKTTYPE = broadcast
ACCEPT     icmp --  anywhere             anywhere             icmp source-quench
ACCEPT     icmp --  anywhere             anywhere             icmp echo-request
LOG        tcp  --  anywhere             anywhere             limit: avg 3/min burst 5 tcp dpt:ssh flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix "SFW2-INext-ACC-TCP "
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh
DROP       all  --  anywhere             anywhere             PKTTYPE = multicast                                                                      
DROP       all  --  anywhere             anywhere             PKTTYPE = broadcast                                                                      
LOG        tcp  --  anywhere             anywhere             limit: avg 3/min burst 5 tcp flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix "SFW2-INext-DROP-DEFLT "                                                                                                                 
LOG        icmp --  anywhere             anywhere             limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix "SFW2-INext-DROP-DEFLT "                                                                                                                                               
LOG        udp  --  anywhere             anywhere             limit: avg 3/min burst 5 ctstate NEW LOG level warning tcp-options ip-options prefix "SFW2-INext-DROP-DEFLT "
DROP       all  --  anywhere             anywhere            

Chain reject_func (0 references)
target     prot opt source               destination         
REJECT     tcp  --  anywhere             anywhere             reject-with tcp-reset
REJECT     udp  --  anywhere             anywhere             reject-with icmp-port-unreachable
REJECT     all  --  anywhere             anywhere             reject-with icmp-proto-unreachable

And on the netbook after "ip route del default": "RTNETLINK answers: No such process" and after "ip route add default via 192.168.2.100": "RTNETLINK answers: Network is unreachable"

Two minutes before that I successfully copied a bunch of files from the PC to the netbook (using sftp protocol in dolphin)...