[Masq] routable IP's and IP Masq

Tue, 22 May 2001 00:06:02 -0700 

/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! 
/* ALSO: Don't quote this header. It makes you look lame :-) */


I want to both have a Masqueraded subnet and have routable IP numbers
going through the same linux router, and I don't seem to be able to get
it to work.  I saw the posts before concerning this issue and I tried to
implement those ipchain sets, but something is still not working with
the routable IP's.  I have 5 routable IP's and two Masq'ed subnets, and
to begin I just want it to work with simple ipchains on two of the
routable IP's (the one going to the dsl modem on eth0 and the one on the
internal client machine); I will add more ipchain sets later on.

This is what I have so far which I copied from the previous posts on
this subject from this mailing list, and I have tried many different
configurations with the same sort of information with no luck.  The two
Masq'ed subnets work fine though, it is just that I cannot seem to get
any information to pass to the internal client machine that has a
routable IP.

Thanks for any input.

Mike

**Here is the contents of the chain set:

/sbin/ipchains -A forward -s 64.169.186.140 -i eth0 -j ACCEPT
/sbin/ipchains -A forward -d 64.169.186.140 -i eth1 -j ACCEPT
/sbin/ipchains -A forward -s 192.168.1.0/24 -i eth0 -j MASQ
/sbin/ipchains -A forward -s 192.168.4.0/24 -i eth0 -j MASQ
/sbin/ipchains -A forward -j DENY -l

**Here is the output when I issue #ipchains -L -n:

Chain input (policy ACCEPT):
Chain forward (policy DENY):
target     prot opt     source                destination
ports
ACCEPT     all  ------  64.169.186.140       0.0.0.0/0             n/a
ACCEPT     all  ------  0.0.0.0/0            64.169.186.140        n/a
MASQ       all  ------  192.168.1.0/24       0.0.0.0/0             n/a
MASQ       all  ------  192.168.4.0/24       0.0.0.0/0             n/a
DENY       all  ----l-  0.0.0.0/0            0.0.0.0/0             n/a
Chain output (policy ACCEPT):

_______________________________________________
Masq maillist  -  [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ -- 
THIS INCLUDES UNSUBSCRIBING!
or email to [EMAIL PROTECTED]

PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.

Reply via email to