Re: [expert] ip_forward question

Fri, 19 May 2000 11:07:51 -0700 

On Fri, 19 May 2000, you wrote:
> I am really a newbie but all the people in 
> [EMAIL PROTECTED] could not help me and forwarded
> me to here.  I have a problem with ip forwarding.  Here 
> is the e-mails forward.  

<HUGE SNIP>

You need two interfaces to make this work properly

One is your linux box to your network--via ethernet and a HUB

The other is to the DSL  via a DSL card, or an ethernet to an external DSL
modem or whatever. 

Once you have that--we need to know the NAMES of the interfaces.

Example:

nwarctic.yi.org / servername caribou.workgroup has eth0 to a hub and eth1 to a
DSL.  The DSL is in bridging mode (and we WILL need to know whether yours is in
bridging or routing mode so contact your ISP and DSL provider and sharpen your
communication skills over the telephone), and has a static IP (one of them, not
a block of 8)  BOTH ends of a bridging connection have the SAME IP address.

Anyway, once the networking is set up with eth0 as the IP address all the other
computers have listed as their default gateway (could do the IP of eth1 for
linux boxes, but winboxes can't route their way out of a wet paper bag) and
with eth1 as the IP address of the system over the internet, we do this....


ipchains -P forward DENY        #policy to DENY all forward requests
ipchains -A forward -i eth1 -j MASQ     #and masquerade those for device eth1
echo 1 > /proc/sys/net/ipv4/ip_forward  #turn on masquerading

Obviously, you might want to do a bit of firewalling/denying sites like
doubleclick, etc.  but these three lines should have you up and running if you
get the name of eth1 specific to your system.

forwarding will have no salutory effect if you connect the adsl modem to a
hub--make sure everything has to go through the linux box to get to the DSL,
and make sure all the winboxes know that the IP of the local interface for the
linux box is their default gateway.

Example:

caribou.workgroup eth0 has IP Addr 192.168.1.1
winbox (used to be) tom.workgroup has IP addr 192.168.1.193
and in Network Neighborhood the default gateway on tom.workgroup is 192.168.1.1
Of course, host tom.workgroup these days answers 2.2.15-xmdk to uname -a
because I have no winboxes in my network, just IRIX and linux-mandrake here,
folks.

Civileme

Reply via email to