[H-GEN] router woes (iptables specific?)

Matthew Taylor bmatthewtaylor at yahoo.co.uk
Wed Jul 17 19:43:57 EDT 2002 

Scott Pullen wrote:

>
> Which box is 192.168.1.254.  You are telling the client box that this 
> is the machine it has to talk 

ahh, re-read my dhcpd.conf and saw
option routers 192.168.1.254
Changed this to the obvious ('option routers 192.168.1.1') , restarted 
dhcpd and now dhcpcd / pump on the client box produces the right routing 
table (attached)

> I assume that you have ipchains/iptables set up on the router?!?  You 
> need to tell the router to masquerade the packets with something like:
>
> ipchains -A forward -s 192.168.1.0/24 -d !192.168.1.254 -j MASQ

On advice I'm starting with iptables, using the rc.firewall script from 
the IP-Masquerade-HOWTO, currently  re-reading the iptables man pages, 
and various howtos to 'get a grip' on iptables, on the steep learning 
curve at moment. attached file shows the iptables --list output. If 
someone has a 'simple' working example of iptables or can 'spot the 
obvious' I'd appreciate this.

router_ifconfig contains ifconfig from the router box.

at moment I can
ping client (192.168.1.12) from router
ping router eth1 (192.168.1.1) from client
ping router  (203.51.218.126) from client
cannot ping anything on 'net from client
can ping anything on 'net from router.

I dont understand what this really means but included for completness.
cannot ping router P-t-P (172.31.34.24) from client
cannot ping router P-t-P (172.31.34.24) from router

I tried
dig www.google.com
and
traceroute www.google.com

to see if I could find out what was happening (both timed out, 
unreachable), is there a way of 'seeing' what iptables is doing to requests?


Mat.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: iptables--list_router
URL: <http://lists.humbug.org.au/pipermail/general/attachments/20020718/b8c53e95/attachment.ksh>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: dhcpcd_client_route_table
URL: <http://lists.humbug.org.au/pipermail/general/attachments/20020718/b8c53e95/attachment-0001.ksh>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: router_ifconfig
URL: <http://lists.humbug.org.au/pipermail/general/attachments/20020718/b8c53e95/attachment-0002.ksh>

More information about the General mailing list