l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
November 4: Social gathering
Next Installfest:
TBD
Latest News:
Oct. 10: LUGOD Installfests coming again soon
Page last updated:
2001 Dec 30 17:10

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
[vox-tech] iptables hates me
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[vox-tech] iptables hates me




I can't  get iptables to masq squat. I've got rp-pppoe on eth0 and eth1 is
my internal net.  I have tried four firewall/masqing scripts and the same
result with all:  my LAN host can ping the eth1 on the masq box, and the
masq box can ping both eth1, and ppp0, but the LAN hosts can't ping any
internet address.  Everything seems to be in order, I even tried this
rule (only):
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
it didn't work.  I tried it with eth0. I tried an ipchains firewall/masq
script.  I am beginning to contemplate recompiling my kernal and modules,
but want to check somehow if this is necessary.
         I am open to any illuminating commentary.  (i.e. I guess I'll 
be going to
tonight's presentation.)
Thanks ever so much,
Nick


depmod -a gives the following:

#depmod -a
  depmod: *** Unresolved symbols in /lib/modules/2.4.2-2/net


some other relevant stuff follows:
(That's netalk and asun on eth1 if you are wondering...)

# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:40:33:D3:5F:98
           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
           RX packets:4541 errors:0 dropped:0 overruns:0 frame:0
           TX packets:5821 errors:0 dropped:0 overruns:0 carrier:0
           collisions:3

eth1      Link encap:Ethernet  HWaddr 00:50:BA:5E:C3:08
           inet addr:192.168.0.1  Bcast:192.168.255.255  Mask:255.255.0.0
           EtherTalk Phase 2 addr:65280/214
           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
           RX packets:27 errors:0 dropped:0 overruns:0 frame:0
           TX packets:33 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0

lo        Link encap:Local Loopback
           inet addr:127.0.0.1  Mask:255.0.0.0
           EtherTalk Phase 2 addr:0/0
           UP LOOPBACK RUNNING  MTU:16436  Metric:1
           RX packets:24 errors:0 dropped:0 overruns:0 frame:0
           TX packets:24 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0

ppp0      Link encap:Point-to-Point Protocol
           inet addr:63.205.13.22  P-t-P:63.205.15.254 Mask:255.255.255.255
           UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492  Metric:1
           RX packets:1469 errors:0 dropped:0 overruns:0 frame:0
           TX packets:2397 errors:0 dropped:0 overruns:0 carrier:0
           collisions:0



# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use   Iface
adsl-63-205-15- *               255.255.255.255 UH    0      0        0ppp0
192.168.0.0     *               255.255.0.0     U     0      0        0   eth1
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         adsl-63-205-15- 0.0.0.0         UG    0      0        0 ppp0



#vi /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=localhost.localdomain
#GATEWAYDEV=ppp0
#GATEWAY=
~
~

# lsmod
Module                  Size  Used by
sr_mod                 15264   0  (autoclean)
ipt_limit               1472  29  (autoclean)
ip_nat_ftp              3760   0  (unused)
ip_conntrack_ftp        2480   0  (unused)
ipt_state               1200   3  (autoclean)
iptable_filter          2304   0  (autoclean) (unused)
iptable_mangle          2272   0  (unused)
ipt_LOG                 3888   1
ipt_MIRROR              1504   0  (unused)
ipt_MASQUERADE          1712   1
ipt_TOS                 1488   0  (unused)
ipt_REDIRECT            1312   0  (unused)
iptable_nat            16160   1  [ip_nat_ftp ipt_MASQUERADE ipt_REDIRECT]
ipt_REJECT              2528   0  (unused)
ip_conntrack           15824   3  [ip_nat_ftp ip_conntrack_ftp ipt_state
ipt_MASQUERADE ipt_REDIRECT iptable_nat]
ip_tables              11072  13  [ipt_limit ipt_state iptable_filter
iptable_mangle ipt_LOG ipt_MIRROR ipt_MASQUERADE ipt_TOS ipt_REDIRECT
    iptable_nat ipt_REJECT]
ppp_synctty             5712   0  (unused)
ppp_async               6704   1
ppp_generic            17136   4  [ppp_synctty ppp_async]
usbkbd                  3040   0  (unused)
appletalk              19664  12
autofs                 11264   1  (autoclean)
8139too                16480   2  (autoclean)
ide-scsi                8352   0
scsi_mod               95104   2  [sr_mod ide-scsi]
ide-cd                 26848   0
cdrom                  27232   0  [sr_mod ide-cd]
keybdev                 2080   0  (unused)
hid                    11776   0  (unused)
input                   3488   0  [usbkbd keybdev hid]
usb-uhci               20720   0  (unused)
usbcore                49664   1  [usbkbd hid usb-uhci




LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!