Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

echo "1" > /proc/sys/net/ipv4/ip_forward
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
bert
n00b
n00b


Joined: 20 Jun 2002
Posts: 11
Location: Amsterdam
PostPosted: Wed Aug 21, 2002 5:00 pm    Post subject: echo "1" > /proc/sys/net/ipv4/ip_forward Reply with quote
Small question: is there a preferred Gentoo way of enabling IP forwarding? I can do it manually and add it to some startup-script with
Code:
echo "1" >/proc/sys/net/ipv4/ip_forward

but most distro's have some sort of wrapper mechanism for this. I haven't been able to find this for Gentoo, it would seem to make sense to be able to configure this in /etc/conf.d/net...
Back to top
View user's profile Send private message
pjp
Administrator
Administrator


Joined: 16 Apr 2002
Posts: 20589
PostPosted: Wed Aug 21, 2002 5:02 pm    Post subject: Reply with quote
iptables?
_________________
Quis separabit? Quo animo?
Back to top
View user's profile Send private message
bert
n00b
n00b


Joined: 20 Jun 2002
Posts: 11
Location: Amsterdam
PostPosted: Wed Aug 21, 2002 5:20 pm    Post subject: Reply with quote
For now I've added it to net.eth2, which handles the outside interface. /etc/init.d/iptables could be better, yes.

That script, iptables, could use some added sophistication BTW, like activating an OFF ruleset when the service is stopped, etc. Debian has really nice stuff for this. Personally I don't really like the current automagical saving of the current rule-set at service stop.

On a side-track, there is a bug in iptables 1.2.7, iptables-restore doesn't like the ruleset-file saved by iptables-save. I've merged 1.2.6a as a work-around.
Back to top
View user's profile Send private message
phong
Bodhisattva
Bodhisattva


Joined: 16 Jul 2002
Posts: 778
Location: Michigan - 15 & Ryan
PostPosted: Wed Aug 21, 2002 6:12 pm    Post subject: Reply with quote
I just created my own script in init.d to do the echo (had it require() iptables) and added it to my default runlevel. That way I can start and stop it easily if I had some reason to do so. It's a q&d but this is what it looks like:
Code:
#!/sbin/runscript
# A simple service to start and stop IP masquerading
depend() {
        need iptables
}

start() {
        ebegin "Starting IP masquerading..."
        echo "1" > /proc/sys/net/ipv4/ip_forward
        echo "1" > /proc/sys/net/ipv4/ip_dynaddr
        eend $?
}

stop() {
        ebegin "Stopping IP masquerading..."
        echo "0" > /proc/sys/net/ipv4/ip_forward
        echo "0" > /proc/sys/net/ipv4/ip_dynaddr
        eend $?
}

Also, I'm glad others are having trouble with iptables-save in 1.2.7 - I thought for a minute I might be crazy.
_________________
"An empty head is not really empty; it is stuffed with rubbish. Hence the difficulty of forcing anything into an empty head."
-- Eric Hoffer
Back to top
View user's profile Send private message
kirill
Apprentice
Apprentice


Joined: 01 Aug 2002
Posts: 183
Location: Finland
PostPosted: Wed Aug 21, 2002 7:28 pm    Post subject: Reply with quote
phong wrote:
I just created my own script in init.d to do the echo (had it require() iptables) and added it to my default runlevel. That way I can start and stop it easily if I had some reason to do so. It's a q&d but this is what it looks like:
Code:
#!/sbin/runscript
# A simple service to start and stop IP masquerading
depend() {
        need iptables
}

start() {
        ebegin "Starting IP masquerading..."
        echo "1" > /proc/sys/net/ipv4/ip_forward
        echo "1" > /proc/sys/net/ipv4/ip_dynaddr
        eend $?
}

stop() {
        ebegin "Stopping IP masquerading..."
        echo "0" > /proc/sys/net/ipv4/ip_forward
        echo "0" > /proc/sys/net/ipv4/ip_dynaddr
        eend $?
}


What does ip_dynaddr exactly do? Is it needed if any interface has an dynamic ip-address?




phong wrote:
...I'm glad others are having trouble with iptables-save...

:twisted:
_________________
--kirill
Back to top
View user's profile Send private message
dingo
n00b
n00b


Joined: 18 Aug 2002
Posts: 58
PostPosted: Mon Aug 26, 2002 1:03 am    Post subject: Reply with quote
bert wrote:

That script, iptables, could use some added sophistication BTW, like activating an OFF ruleset when the service is stopped, etc. Debian has really nice stuff for this. Personally I don't really like the current automagical saving of the current rule-set at service stop.


I completely agree, after setting up iptables I was so frustrated to find the iptables ruleset set up, but not working, only to find that echo "1" > /proc/sys/net/ipv4/ip_forward isn't enabled by default. Should definitly be addded. And some default rule-sets should come with iptables, for masquerade, paraniod, etc.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2025 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy