| View previous topic :: View next topic |
| Author |
Message |
homeobocks
Guru
Joined: 19 Dec 2003
Posts: 345
Location: I'm from Canada, and they say I'm a little slow . . . eh?
|
 Posted: Wed Feb 04, 2004 2:55 am Post subject: Sharing Internet Connection |
 |
|
Here's the situation. There are two computers involved. Greedo is a Windows XP box (not mine, my family's), and IG-88 is a Gentoo box. IG-88 connects to Greedo from IG-88.eth0, to Greedo.eth1. Greedo.eth2 conencts to the internet. I am going to install Gentoo on another hdd on Greedo, but I still want the connection to be shared (so IG-88 can access the internet). This diagram should clear things up:
| Code: |
+-------------+ +----------------+
Internet===+----+ Greedo |----+====+----+ IG-88 |
|eth0| |eth1| |eth0| |
+----+-------------+----+ +----+----------------+ |
Anyways, I am going to do the Knoppix install. How would I make the connection shared? Please explain it well, as I am a recent RedHat convert.
Thanks a lot.
_________________
HOW DO I SHOT WEB |
|
| Back to top |
|
 |
homeobocks
Guru
Joined: 19 Dec 2003
Posts: 345
Location: I'm from Canada, and they say I'm a little slow . . . eh?
|
| Posted: Wed Feb 04, 2004 5:40 am Post subject: |
|
|
bump
_________________
HOW DO I SHOT WEB |
|
| Back to top |
|
|
homeobocks
Guru
Joined: 19 Dec 2003
Posts: 345
Location: I'm from Canada, and they say I'm a little slow . . . eh?
|
| Posted: Wed Feb 04, 2004 7:35 pm Post subject: |
|
|
bump 
_________________
HOW DO I SHOT WEB |
|
| Back to top |
|
|
triwebb1
Tux's lil' helper
Joined: 19 Oct 2003
Posts: 87
|
| Posted: Wed Feb 04, 2004 11:33 pm Post subject: |
|
|
It is called masquerading in linux. Do this on Greedo:
| Code: | iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward |
That will enable masquerading going out your external interface, and allow ip forwarding. This is NAT/PAT. |
|
| Back to top |
|
|
john7002
Apprentice
Joined: 21 Jan 2004
Posts: 238
Location: United Kingdom
|
|
| Back to top |
|
|
homeobocks
Guru
Joined: 19 Dec 2003
Posts: 345
Location: I'm from Canada, and they say I'm a little slow . . . eh?
|
| Posted: Thu Feb 05, 2004 3:01 am Post subject: |
|
|
| triwebb1 wrote: | It is called masquerading in linux. Do this on Greedo:
| Code: | iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward |
That will enable masquerading going out your external interface, and allow ip forwarding. This is NAT/PAT. |
When I do the first command, I get this message: | Code: | iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADEWarning: weird character in interface `-j' (No aliases, :, ! or *).
Bad argument `MASQUERADE'
Try `iptables -h' or 'iptables --help' for more information.
|
I also tried with SNAT, but with the same results (s/MASQUERADE/SNAT).
_________________
HOW DO I SHOT WEB |
|
| Back to top |
|
|
aerandir
n00b
Joined: 09 Jan 2004
Posts: 13
Location: Denmark
|
| Posted: Thu Feb 05, 2004 3:18 am Post subject: |
|
|
do you have masquarading (and other relevant netfilter parts) enabled in your kernel?
| Code: | gauntlet:/usr/src/linux# grep MASQ .config
CONFIG_IP_NF_TARGET_MASQUERADE=m |
I usually enable all netfilter stuff as modules and then load the ones I need.. |
|
| Back to top |
|
|
homeobocks
Guru
Joined: 19 Dec 2003
Posts: 345
Location: I'm from Canada, and they say I'm a little slow . . . eh?
|
| Posted: Thu Feb 05, 2004 9:39 pm Post subject: |
|
|
| aerandir wrote: | do you have masquarading (and other relevant netfilter parts) enabled in your kernel?
| Code: | gauntlet:/usr/src/linux# grep MASQ .config
CONFIG_IP_NF_TARGET_MASQUERADE=m |
I usually enable all netfilter stuff as modules and then load the ones I need.. |
Yeah, Knoppix 3.3 has masquarading in the kernel.
_________________
HOW DO I SHOT WEB |
|
| Back to top |
|
|
homeobocks
Guru
Joined: 19 Dec 2003
Posts: 345
Location: I'm from Canada, and they say I'm a little slow . . . eh?
|
| Posted: Fri Feb 06, 2004 7:40 pm Post subject: |
|
|
bump
_________________
HOW DO I SHOT WEB |
|
| Back to top |
|
|
ClausH
n00b
Joined: 03 Aug 2003
Posts: 58
Location: Herning, denmark
|
| Posted: Fri Feb 06, 2004 10:14 pm Post subject: |
|
|
| homeobocks wrote: | | triwebb1 wrote: | It is called masquerading in linux. Do this on Greedo:
| Code: | iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward |
That will enable masquerading going out your external interface, and allow ip forwarding. This is NAT/PAT. |
When I do the first command, I get this message: | Code: | iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADEWarning: weird character in interface `-j' (No aliases, :, ! or *).
Bad argument `MASQUERADE'
Try `iptables -h' or 'iptables --help' for more information.
|
I also tried with SNAT, but with the same results (s/MASQUERADE/SNAT). |
Did you set $EXTIF to your external interface eg.
And if your default policies are not set do ACCEPT, you will need
| Code: |
iptables -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT
|
with $INTIF being the internal interface.
Mvh Claus Holmgaard |
|
| Back to top |
|
|
|
Networking & Security
