From: Antony Stone <Antony@Soft-Solutions.co.uk>
To: netfilter@lists.netfilter.org
Subject: Re: Please help...
Date: Mon, 28 Jun 2004 23:13:38 +0100 [thread overview]
Message-ID: <200406282313.38971.Antony@Soft-Solutions.co.uk> (raw)
In-Reply-To: <FC8C43AB-C94D-11D8-9C38-000A95AD0230@mac.com>
On Monday 28 June 2004 10:56 pm, Sam Loy wrote:
> I have 2 NICs in a Linux 9 installation.
Linux 9!? Wow - I've only just upgraded to version 2.6 :)
> One card connects to my lan with a static ip of 192.168.1.1. The other
> connects to my DSL provider which dynamically allocates the ip.
Sounds pretty standard so far....
> I did this:
>
> modprobe iptable_nat
>
> iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
>
> echo 1 > /proc/sys/net/ipv4/ip_forward
>
>
> It does not work.
How are you testing it?
> When I do a iptables -t nat -n -L It displays:
>
> MASQUERADE all -- 0.0.0.0/0 0.0.0.0/0
A more useful command in this case would be "iptables -L -t nat -nvx", because
the -v option shows you the interfaces applying to the rules as well.
> Don't get it - Do I need to manually add a route?
Probably not, but what does your routing table show anyway?
Here are some things to test - in order:
1. Can you access anything out on the Internet from the firewall machine
itself? (Ping, traceroute would be good tests - by IP address if you don't
have DNS resolving hostnames yet)
2. Do you have any rules in the FORWARD chain (and what is the FORWARD default
policy)?
3. If you try a traceroute from a machine inside your LAN to an address on the
Internet, what is the result?
4. After whatever tests you are trying, what does "iptables -L -nvx; iptables
-L -t nat -nvx" show for the packet/byte counters on the rules (and default
policies)?
You can't be too far away from a working solution - it's a pretty standard
setup.
Regards,
Antony.
--
There are only 10 types of people in the world:
those who understand binary notation,
and those who don't.
Please reply to the list;
please don't CC me.
next prev parent reply other threads:[~2004-06-28 22:13 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-06-28 21:56 Please help Sam Loy
2004-06-28 22:13 ` Antony Stone [this message]
2004-06-28 22:18 ` Marek Dohojda
[not found] ` <16609.34789.711050.944527@saint.heaven.net>
2004-06-29 16:57 ` Sam Loy
-- strict thread matches above, loose matches on Subject: below --
2019-11-12 9:02 Please Help Richard
2019-11-12 8:32 Richard
2019-11-12 8:15 Richard
2019-11-12 8:15 Richard
2019-11-12 7:08 Richard
2014-08-27 17:51 Annie Smith
2014-08-26 10:59 Annie Smith
2012-01-15 23:25 Tai Bei
2012-01-15 23:25 Tai Bei
2012-01-15 23:25 Tai Bei
2012-01-15 21:56 Tai Bei
2012-01-15 21:48 Tai Bei
2012-01-15 21:40 Tai Bei
2012-01-15 21:40 Tai Bei
2010-05-07 11:36 Pol
2009-02-11 14:59 constantine
2007-10-10 5:56 please help cyjoyp
2004-05-02 14:13 Please help raven
2004-05-03 13:21 ` Jeff Moyer
[not found] <001c01c0b04b$7b39df80$4c0c5c8c@trd.iii.org.tw>
2001-03-19 18:21 ` guru
2001-03-19 18:38 ` nick
2001-03-19 23:29 ` Dr. Kelsey Hudson
2001-03-19 18:56 ` Jonathan Lundell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200406282313.38971.Antony@Soft-Solutions.co.uk \
--to=antony@soft-solutions.co.uk \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.