Hi Lonnie Thanks for the help. I gonna try it and tell you the result.
:-) Michael P.S.: I like the cleaner way, too. Lonnie Abelbeck wrote: > Michael, > > Update, if you add to the file > "/mnt/kd/arno-iptables-firewall/custom-rules" the two lines... -- > iptables -t nat -A POSTROUTING -o eth0 -s 172.17.2.128/29 ! -d > 172.17.2.128/29 -j MASQUERADE > > iptables -I SPOOF_CHK -i br1 -s 172.17.2.128/29 -j RETURN > -- > > and leave "astlinux.shim" alone, it should work. > > This is a much better way than hacking "astlinux.shim"... > > Lonnie > > > On Jul 14, 2010, at 2:17 PM, Lonnie Abelbeck wrote: > >> >> On Jul 14, 2010, at 1:11 PM, Michael wrote: >> >>> Hi Lonnie >>> >>> There is no dnsmasq on the box, so I guess at least not easy. >>> >>> With my old router (instead of the astlinux box) I could simply add a >>> static route to the router and everything worked. Apparently, it also >>> modified its firewall settings automatically. >>> >>> Anyway, do you see another alternative? >> >> Michael, >> >> This will get ugly... >> >> You could add custom iptables rules in >> "/mnt/kd/arno-iptables-firewall/custom-rules" if you are iptables savvy. >> >> Or, I may regret mentioning this, but you could edit >> "/usr/share/arno-iptables-firewall/astlinux.shim" (NOBODY ELSE DO THIS) >> and change... >> >> -- from -- >> INTERNAL_NET="" >> NAT_INTERNAL_NET="" >> -- to -- >> INTERNAL_NET="172.17.2.128/29" >> NAT_INTERNAL_NET="172.17.2.128/29" >> -- >> >> Note: Undo this change with "rm >> /oldroot/mnt/asturw/usr/share/arno-iptables-firewall/astlinux.shim" >> >> When you upgrade with future AstLinux versions you will have to make sure >> a newer "astlinux.shim" does not exist. >> >> Best to clean-up your network and then undo this change in the future. >> >> Lonnie > > ------------------------------------------------------------------------------ > This SF.net email is sponsored by Sprint > What will you do first with EVO, the first 4G phone? > Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first ------------------------------------------------------------------------------ This SF.net email is sponsored by Sprint What will you do first with EVO, the first 4G phone? Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first _______________________________________________ Astlinux-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [email protected].
