/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting!
/* ALSO: Don't quote this header. It makes you look lame :-) */
Hi all, I've been corresponding with a couple of you about IP MASQ, and I am
still absolutely stuck. I've fixed a couple minor errors from my last post
that seemed to cause some issues, but I feel like I've been through the
configuration several times now and have stopped finding anything wrong. I
thought I'd put up this final post to see if anyone could catch what might
be wrong.
I've got two machines: One with Debian Linux 2.2.12 with a NIC card of
192.168.0.2 and a modem with a PPP connection that is DHCP, and a Windows NT
box with a NIC of 192.168.0.1. I've got IP MASQ _almost_ working. From the
Linux I can ping the modem IP, the local Linux NIC ip, the WinNT ip, and
external internet ips. From the WinNT box I can ping the local ip, the
Linux NIC ip, and the Linux modem PPP dynamically assigned ip, but NOT any
external internet ips. I'm trying to ping numeric ip addresses in all
cases.
ifconfig gives me this:
eth0 Link encap:Ethernet HWaddr 00:40:05:A1:74:5F
inet addr:192.168.0.2 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:31 errors:0 dropped:0 overruns:0 frame:0
TX packets:89 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
Interrupt:5 Base address:0x240
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:3924 Metric:1
RX packets:20 errors:0 dropped:0 overruns:0 frame:0
TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
ppp0 Link encap:Point-to-Point Protocol
inet addr:165.247.149.122 P-t-P:168.121.1.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1514 Metric:1
RX packets:18 errors:0 dropped:0 overruns:0 frame:0
TX packets:15 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:10
netstat -rn gives me this:
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt
Iface
168.121.1.1 0.0.0.0 255.255.255.255 UH 0 0 0
ppp0
127.0.0.1 0.0.0.0 255.255.255.255 UH 0 0 0 lo
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0
eth0
0.0.0.0 168.121.1.1 0.0.0.0 UG 0 0 0
ppp0
Here's the commands I've used to do this (cat /etc/init.d/network)
#! /bin/sh
insmod ne io=0x240 irq=5
ifconfig lo 127.0.0.1
route add -host 127.0.0.1 lo
ifconfig eth0 192.168.0.2 netmask 255.255.255.0
ipchains -F forward 2>> /root/errors.dat
ipchains -P forward DENY 2>> /root/errors.dat
ipchains -A forward -i ppp0 -s 192.168.0.0/24 -d 0.0.0.0/0 -j MASQ 2>>
/root/errors.dat
echo 1 > /proc/sys/net/ipv4/ip_forward 2>> /root/errors.dat
no errors result from executing these, I even executed them manually a
couple times to make sure.
I also did 'cat /proc/sys/net/ipv4/ip_forward' and got a '1'.
Here's all the files I could find on my system that might be related to this
(find *masq* and ip_*)
/lib/modules/2.2.12/ipv4/ip_masq_user.o
/lib/modules/2.2.12/ipv4/ip_masq_ftp.o
/lib/modules/2.2.12/ipv4/ip_masq_irc.o
/lib/modules/2.2.12/ipv4/ip_masq_raudio.o
/lib/modules/2.2.12/ipv4/ip_masq_quake.o
/lib/modules/2.2.12/ipv4/ip_masq_vdolive.o
/lib/modules/2.2.12/ipv4/ip_masq_cuseeme.o
/proc/sys/net/ipv4/ip_local_port_range
/proc/sys/net/ipv4/ip_masq_debug
/proc/sys/net/ipv4/ip_dynaddr
/proc/sys/net/ipv4/ip_no_pmtu_disc
/proc/sys/net/ipv4/ip_autoconfig
/proc/sys/net/ipv4/ip_default_ttl
/proc/sys/net/ipv4/ip_forward
/proc/net/ip_masq
/proc/net/ip_masquerade
/proc/net/ip_fwnames
/proc/net/ip_fwchains
/usr/sbin/ipmasqadm
/usr/lib/ipmasqadm
/usr/doc/netbase/ipmasqadm
/usr/man/man8/ipmasqadm.8.gz
Here's the settings on my WinNT machine in control
panel->network->protocols->TCP/IP->properties:
IP: 192.168.0.1
Mask: 255.255.255.0
Gateway: 192.168.0.2
The two DNS servers of my ISP have been entered as the DNS servers
The only thing I found on the Internet to try that didn't work was this
line:
echo "1" > /proc/sys/net/ipv4/ip_always_defrag
because that file doesn't exist on my linux system.
Any advice is greatly appreciated! Thanks for everybodys input,
Rusty
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ --
THIS INCLUDES UNSUBSCRIBING!
or email to [EMAIL PROTECTED]
PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
