Re: [Masq] * basic ipchains setup problem *

Mon, 13 Sep 1999 09:51:43 -0700 

/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! */



Good day, Tony,

On Tue, 14 Sep 1999, Tony Laszlo wrote:

> Greetings from Jiyugaoka, Tokyo. 
> 
> I am trying to setup ip masquerading 
> with a two computer ethernet network: 
> a Linux box (2.2.10 kernel, Turbolinux) 
> and a Mac 7100/66av running MacOS 8.6 . 
> The Linux box connects to a dialup 
> account via ppp. 
> I seem to be getting pretty close, but 
> still no cigar. The two computers can 

[portions of the original post snipped]

> The Linux box's IP address is 192.168.1.1 
> Net Mask       255.255.255.0
> Network Addr   192.168.1.0
> Broadcast Addr 192.168.1.255
> 
> The Mac's IP address is 192.168.1.200 . 
> 
> /etc/rc.d/rc.local has this in it: 
> if [ -f /etc/rc.d/rc.ipfwadm ]; then /etc/rc.d/rc.ipfwadm; fi;
> 
> /etc/rc.d/rc.ipfwadm has this in it: 
> 
> /sbin/depmod -a
> /sbin/modprobe ip_masq_ftp
> /sbin/modprobe ip_masq_raudio
> /sbin/modprobe ip_masq_irc
> /sbin/modprobe ip_masq_cuseeme
> /sbin/modprobe ip_masq_vdolive
> echo "1" > /proc/sys/net/ipv4/ip_forward
> echo "1" > /proc/sys/net/ipv4/ip_dynaddr
> /sbin/ipchains -M -S 7200 10 160
> /sbin/ipchains -P forward DENY
> /sbin/ipchains -A forward -j MASQ -s 192.168.1.0/255.255.255.0 -d 0.0.0.0/0 -i e
> th0
        I believe the problem is the "-i eth0".  Masquerading rules (and,
in fact, _all_ forwarding rules) need to use the interface the packets use
to _leave_ the system - ppp0, in your case.
        Try changing the "-i eth0" to "-i ppp0" and I think it'll work.
        Cheers,
        - Bill

---------------------------------------------------------------------------
        "SCSI is *NOT* magic.  There are *fundamental technical reasons*
why it is necessary to sacrifice a young goat to your SCSI chain now and
then." 
        -- [EMAIL PROTECTED]
--------------------------------------------------------------------------
William Stearns ([EMAIL PROTECTED]).  Mason, Buildkernel, named2hosts, 
and ipfwadm2ipchains are at: http://www.pobox.com/~wstearns/
--------------------------------------------------------------------------



_______________________________________________
Masq maillist  -  [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/
or email to [EMAIL PROTECTED]

PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.

Reply via email to