Instead of this: tables -t nat -A PREROUTING -p tcp -s 192.168.0.202 -d 192.168.0.200 --dport domain -j DNAT --to-destination 192.168.0.1 iptables -t nat -A PREROUTING -p udp -s 192.168.0.202 -d 192.168.0.200 --dport domain -j DNAT --to-destination 192.168.0.1
Did you do/would you try this (on your server): tables -t nat -A PREROUTING -p tcp -s 192.168.0.202 -d 192.168.0.200 --dport domain -j DNAT --to-destination 192.168.1.254 iptables -t nat -A PREROUTING -p udp -s 192.168.0.202 -d 192.168.0.200 --dport domain -j DNAT --to-destination 192.168.1.254 This assumes your router is set up as a DNS server. Then in resolv.conf, use your router at 192.168.1.254 as the DNS server, not any of those other values. That is (I think) similar to how I have mine configured at home. If you still have problems, I'll post my exact /etc conf files for you when I get home. On Thu, Sep 18, 2008 at 12:22 PM, Christian Weßel <[EMAIL PROTECTED]> wrote: > Hello mokos, > > I just have a DNS problem, I try to configure my FC6 following the guide > http://wiki.openmoko.org/wiki/USB_Networking#Proxying_with_iptables > because I have a simple static environment for my FR. > > FR.usb.ip = 192.168.0.202 > server.usb.ip = 192.168.0.200 > server.eth.ip = 192.168.1.10 > router.eth.ip = 192.168.1.254 > DNS.ip = 212.6.108.140 > > on server: > [EMAIL PROTECTED] ~]# cat /etc/resolv.conf > search home > nameserver 212.6.108.140 > nameserver 212.6.108.141 > > [EMAIL PROTECTED] ~]# iptables -L -t nat --line-numbers -n > Chain PREROUTING (policy ACCEPT) > num target prot opt source destination > 1 DNAT tcp -- 192.168.0.202 192.168.0.200 tcp > dpt:53 to:212.6.181.140 > 2 DNAT udp -- 192.168.0.202 192.168.0.200 udp > dpt:53 to:212.6.181.140 > > Chain POSTROUTING (policy ACCEPT) > num target prot opt source destination > 1 MASQUERADE all -- 192.168.0.0/24 0.0.0.0/0 > > Chain OUTPUT (policy ACCEPT) > num target prot opt source destination > > on FR: > [EMAIL PROTECTED]:~# cat /etc/resolv.conf > nameserver 192.168.0.200 > > [EMAIL PROTECTED]:~# ping 74.125.19.147 -c 1 > PING 74.125.19.147 (74.125.19.147): 56 data bytes > 64 bytes from 74.125.19.147: seq=0 ttl=236 time=182.480 ms > > --- 74.125.19.147 ping statistics --- > 1 packets transmitted, 1 packets received, 0% packet loss > round-trip min/avg/max = 182.480/182.480/182.480 ms > > [EMAIL PROTECTED]:~# nslookup www.google.com > Server: 192.168.0.200 > Address 1: 192.168.0.200 > > nslookup: can't resolve 'www.google.com' > > For me the masqueration seems to be fine, just something with DNAT is > wrong. > If I change the FR.resolv.conf to 'nameserver 212.6.181.140' it also not > working. > > But what's wrong? > > BTW: I got no SElinux security alerts, neither in secure nor in > messages. > -- > > mfg/br, christian > > Flurstraße 14 > 29640 Schneverdingen > Germany > > E-Mail: [EMAIL PROTECTED] > Telefon: +49 5193 97 14 95 > Mobile: +49 171 357 59 57 > http://wesselch.homelinux.org > > _______________________________________________ > Openmoko community mailing list > community@lists.openmoko.org > http://lists.openmoko.org/mailman/listinfo/community > >
_______________________________________________ Openmoko community mailing list community@lists.openmoko.org http://lists.openmoko.org/mailman/listinfo/community