iptables+dhcpd help needed plz :S

[zion1459]

Hi.

I'm trying to setup Internet sharing. here's my setup so far.

eth0: connected to the internet using dhcpcd.
eth1: IP: 192.168.0.1

I've installed dhcpd and it's giving all LAN computer connecting to eth1 an IP address.. this part works great.

I've also installed iptables and tried doing a:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

iptables works flawlessly but my windoze box can't get on the net.
the windoze box gets and IP as it should but no Internet. I wanted to make my internet sharing so that the client simply had to get their IP, dns, etc via dhcp and then Internet should work without proxy settings.. the typical "plugin the cable and u're online" setup...

what have I done wrong?

regards zion1459

[grooveman]

Can your windows machine ping your linux machine? (and vice-versa).

Does your dhcp server pass along the dns server information to your windows box? Trying pinging an ip rather than a DNS name.

Are you sure that eth0 is the proper nic? This should be the one connected to the internet...

Have you double-checked to make sure your linux box has connectivity to the internet?

BTW -- I certainly hope you have some more rule sets in your iptables script to protect your network. If that is your only ruleset, then your are inviting trouble.


Sorry if some of these questions seem dumb, but it is best to start simple.

Anyway, I hope some of it was helpful.

Chris
_________________
To look without without looking within is like looking without without looking at all.

[krusty_ar]

You need to set the default gateway via dhcp in your windoze, to check if you are already doing this, use winipcfg (win9x) or ipconfig (NT). you can set it manually in win9x via the network icon in the desktop at least in 9x.
_________________
I am Beta, don't expect correct behaviour from me.
Take part of the adopt an unaswered post initiative

[splooge]

My first question when anyone has this sort of problem:

Did you do a:

echo 1 > /proc/sys/net/ipv4/ip_forward

?
_________________
http://get.a.clue.de

[grooveman]

Yeah... Good point splooge!
_________________
To look without without looking within is like looking without without looking at all.

[zion1459]

yea I've done the "echo "1" > ...."

I think the problem is with the dhcp server.. how do I get it to pass along the information from the dhcpcd which get the internet dns servers? or do I simply have to type the dns's in manually? (this would suck since my ISP sometimes changes the ip on the dns servers.. don't ask me why... )

[Buzzz]

I would say, install dnsmasq and use your router in the rest of the network as dns server.
do a
emerge dnsmasq
/etc/init.d/dnsmasq start
rc-update add dnsmasq default

And add the following line to your /etc/dhcp/dhcpd.conf
option domain-name-servers 192.168.1.1;

dnsmasq automatically uses your /etc/resolv.conf to forward the dns requests to and also adds your /etc/hosts to the dns. Just perfect for your use i think
_________________
There are no stupid questions, but there are a lot of inquisitive idiots

[zion1459]

Buzz: yea it did the trick j33t.. now I got Internet for my LAN

thx all

oh btw. grooveman said something about security... now if some1 would wanna mess with my system they would have to be on my LAN right? I mean, I don't wanna install a firewall then since I 0wn all the boxes on my LAN... right?

[x3m.seth]

buzz or anyone... i'd realize this is an old topic, but everything goes well... from the other machine i do ping google.com and it resolves but seems can't reach the host.......
i guess it's something with my routing tables?? any help here???

my internet provider gave me a dynamic ip, and i have a network card on 192.168.0.1 wich i have installed gentoo and dnsmasq to be the dns resolver...