Gentoo Router for my home network

[K-Dawg]

Hi fellow gentooers, I have a quick question for ya. I followed the Home Router Guide How-To located here http://www.gentoo.org/doc/en/home-router-howto.xml as I want to get rid of my Linksys router and gain better control over my connection. So I went out and got another 10/100 card so my gentoo box now has eth0 (3Com ethernet card) and eth1 (Linksys LNE100TX ethernet card). I rebuilt my kernel and got both interfaces up and running and followed the above guide but I cant seem to get out to the internet. After setting up the eth1 interface to dhcp for my cable broadband connection and directly connecting the eth1 NIC up to the cable modem I can /etc/init.d/dhcp restart and the eth1 interface will get an ip from my ISP but I still cannot get external connectivity (no pings to external sites or ip's). I have a feeling that it may have something to do w/ my routing table. I have the NAT iptable rules in place but I am just stumped as to why I cannot get out externally. Now it was late last night when I was doing this so i may have made a mistake but I just need to know that when i get this all setup I will still be able to use this server/router/workstation as I did before. In the future I was even wanting to throw in a wireless pci card and use the host-ap setup to have an integrated AP in my gentoo router/server/workstation so I wont lose the AP feature in my WRT54G once I get this new and improved gentoo router up and running properly.

Any suggestions are greatly appreciated.

[wmgoree]

Could you paste the results from either

[TheX]

I have the same problem too!!
I build up the routing PC and got Gentoo running.
I followed the same HOWTO.
When i tried to ping a www-adress (from a connected intranetPC), ping fails.
BUT : the Ip-adress has been sent to the intranet-PC.
Do you have the same Effect ?
So, I will help you when I've solved the Problem..
But for now, i have to wait for answers too .!

[bone]

Here is my setup:

Cable Modem <-> (nic 1/eth0) Gentoo Box (nic 2/eth1) <-> lan switch

*[root@bordergw:~/backups] cat /etc/conf.d/net
# /etc/conf.d/net: Global config file for net.* rc-scripts
# $Header: /var/cvsroot/gentoo-src/rc-scripts/etc/conf.d/net,v 1.10 2004/06/28 19:44:46 agriffis Exp $

ifconfig_eth0=( "dhcp" )
dhcpcd_eth0="-R -t 10"
ifconfig_eth1=( "192.168.1.1 broadcast 192.168.1.255 netmask 255.255.255.0" )


As you can see I used the very simple setup for my /etc/conf.d/net file.
Hope that helps either way.


Jon

[K-Dawg]

Excellent, thanks for the replies all. I am at work now and connected to my box via ssh now but I dont wanna mess w/ my setup at this point as it is all setup through my linksys router at this time and I dont wanna start bringing up interfaces and changing routes and lose my connectivity. When I get home in a couple hours hopefully I can sort this out quickly. I just need to know I will still be able to use this box as a router/server/and sometimes a workstation as well when my other machines are not on as I have been for quite awhile now but have been having my linksys bluebox do the forwarding and routing.

[K-Dawg]

Hell yeah, I am soo ecstatic w/ joy . But help me out if ya will understatnding just what is really going on w/ the routing in my network as I am confused as to whether or not I am really behind my gentoo router which is 192.168.1.1.

Here is the output of route -n

whitey root # route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
24.8.xxx.x 0.0.0.0 255.255.224.0 U 0 0 0 eth1
127.0.0.0 127.0.0.1 255.0.0.0 UG 0 0 0 lo
0.0.0.0 24.8.xxx.x 0.0.0.0 UG 0 0 0 eth1
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
whitey root #

and iptables -nL

whitey root # iptables -nL
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
REJECT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67 reject-with icmp-port-unreachable
REJECT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53 reject-with icmp-port-unreachable
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:6881:6999
DROP icmp -- 0.0.0.0/0 0.0.0.0/0
DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:0:1023
DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:0:1023

Chain FORWARD (policy ACCEPT)
target prot opt source destination
DROP all -- 0.0.0.0/0 192.168.1.0/24
ACCEPT all -- 192.168.1.0/24 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 192.168.1.0/24

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
whitey root #

My question is am i behind my router at this point or am I just not seeing it in the routing table. the eth1 interface is connected to the WAN and eth0 to my LAN switch. Also eth0 is my gentoo router w/ an ip of 192.168.1.1. My dhcp server and dnsmasq is working excellent as I booted my lappy into XP and gentoo and got an auto assigned ip from my gentoo router. I have gone to dslreports.com and grc.com and done 2 ports scan tests adn it shows I am in good shape but could someone reassure me that I am not just sitting wide open on the NET.

Your help and wisdom is greatly appreciated to those who can set me straight on this.

[wmgoree]

[K-Dawg]

So I am thinking that in my /etc/conf.d/net I need to remove the statement:

gateway="eth0/192.168.1.1"
(this was used w/ my old linksys wrt54g router setup)

as eth1 which has the direct conn to my cable modem already receives a default gw from the dhcp statement that I have set for that interface in /etc/conf.d/net. Is this correct or am i lost once again?