Log from #iptables at freenode 2006-08-05
[00:00]<pf-rwrd>yeah
[00:00]<fyguw_drgau>ok follow this seq..
[00:00]<pf-rwrd>i'm just trying to get some temporary internet access on another machine, until i get the wireless on it working
[00:00]<fyguw_drgau>first clear the table
[00:00]<fyguw_drgau>iptables -F
[00:00]<drwygn>i guess iptables -F is the default conf hehe
[00:00]<fyguw_drgau>iptables -X
[00:00]<fyguw_drgau>then do...
[00:01]<fyguw_drgau>echo 1 > /proc/sys/net/ipv4_ip_forward
[00:01]<pf-rwrd>i have it already
[00:01]<pf-rwrd>echo 1 > /proc/sys/net/ipv4/ip_forward btw
[00:01]<pf-rwrd>is that all?
[00:01]<pf-rwrd>no iptables voodoo?
[00:02]<fyguw_drgau>then do .. iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o <ext IF> -j MASQ
[00:02]<fyguw_drgau>that should work..
[00:02]<pf-rwrd>iptables v1.3.5: Couldn't load target `MASQ':/lib64/iptables/libipt_MASQ.so: cannot open shared object file: No such file or directory...
[00:02]<rlraxne>iptables is not voodoo
[00:02]<rlraxne>its more like... black magic
[00:02]<rlraxne>:)
[00:02]<pf-rwrd>:D
[00:02]<fyguw_drgau>If it doesn't, do an iptables -L -nv
[00:02]<fyguw_drgau>and paste the output in the bin
[00:03]<pf-rwrd>it's missing a lib
[00:03]<pf-rwrd>that's weird...
[00:03]<fyguw_drgau>Try MASQUERADE
[00:03]<fyguw_drgau>and make sure that the modules are loaded
[00:03]<pf-rwrd>ah, ok
[00:04]<pf-rwrd>hmm
[00:04]<pf-rwrd>not working
[00:04]<pf-rwrd>http://rafb.net/paste/results/CwC1Dr86.html
[00:05]<fyguw_drgau>iptables -t nat -L -nv
[00:05]<pf-rwrd>http://rafb.net/paste/results/2WjC9d78.html
[00:05]<pf-rwrd>uh, wait a sec..
[00:05]<fyguw_drgau>sure
[00:06]<pf-rwrd>eth0, the other machine is on 192.168.1
[00:06]<pf-rwrd>so much for just c&p'ing commands:P
[00:06]<fyguw_drgau>lol
[00:06]<fyguw_drgau>again flush and recreate.. Just to avoid the confusion again
[00:07]<fyguw_drgau>:)
[00:07]<pf-rwrd>flushed, recreated, still no luck...
[00:07]<fyguw_drgau>iptables -t nat -L -nv
[00:07]<pf-rwrd>iptables -F && iptables -X && iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth1 -j MASQUERADE was the command
[00:08]<fyguw_drgau>looks fine..
[00:08]<pf-rwrd>thanks ;)
[00:08]<pf-rwrd>http://rafb.net/paste/results/y5jkss41.html
[00:09]<fyguw_drgau>can you ping yahoo.com from the firewall.. i.e. your iptables box?
[00:09]<pf-rwrd>yeah, it's my desktop, btw
[00:09]<pf-rwrd>the one i'm on irc on
[00:10]<fyguw_drgau>what is the PC behind it running?? Linux or windows?
[00:10]<pf-rwrd>linux
[00:10]<pf-rwrd>i've got a gentoo desktop, and i'm trying to get ubuntu on another box
[00:10]<pf-rwrd>but i need to upgrade the kernel on the ubuntu box to get the wireless drivers compiled
[00:10]<fyguw_drgau>can you ping the internal interface of the Gateway from the client and vice versa
[00:11]<pf-rwrd>trying again
[00:11]<pf-rwrd>yeah
[00:11]<pf-rwrd>excellent ping times, i might add :P
[00:11]<fyguw_drgau>what does the route -n in the client say
[00:12]<pf-rwrd>kinda hard to copy over
[00:12]<pf-rwrd>but destination 192.168.1.0 has gw 0.0.0.0 and mask 255.255.255.0
[00:12]<fyguw_drgau>what does the last line say?
[00:12]<pf-rwrd>and dest. 0.0.0.0 has gw 192.168.1.1 and mask 0.0.0.0
[00:13]<pf-rwrd>flag ug on the last one
[00:13]<fyguw_drgau>Destination Gateway Genmask Flags Metric Ref Use Iface
[00:13]<fyguw_drgau>192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
[00:13]<fyguw_drgau>0.0.0.0 192.168.1.100 0.0.0.0 UG 0 0 0 eth0
[00:13]<pf-rwrd>looks similar
[00:13]<pf-rwrd>my desktop (the iptables machine) is connected to my router out to the internet on 192.168.0, though
[00:14]<pf-rwrd>does it matter
[00:14]<pf-rwrd>?
[00:14]<fyguw_drgau>PF-Away: If you ping yahoo.com from your desktop what's the ttl you're getting?
[00:14]<pf-rwrd>55 first, 54 afterwards
[00:14]<pf-rwrd>i don't think that's the problem...
[00:15]<pf-rwrd>i was originally trying to ping my router
[00:15]<fyguw_drgau>Is it an aliased interface?
[00:15]<fyguw_drgau>the internal 192.168.1.0 network's interface
[00:15]<pf-rwrd>like 0:0, you mean?
[00:15]<fyguw_drgau>yup
[00:15]<pf-rwrd>no
[00:16]<fyguw_drgau>Well I don't see why it is not happening....
[00:16]<pf-rwrd>it's just weird...
[00:16]<fyguw_drgau>One reason could be.. ip_forward value not set to 1
[00:16]<pf-rwrd>http://rafb.net/paste/results/Z4pHUx57.html
[00:17]<fyguw_drgau>iptables modules not loaded..
[00:17]<pf-rwrd>tripleseven ~ # more /proc/sys/net/ipv4/ip_forward
[00:17]<pf-rwrd>1
[00:18]<pf-rwrd>lsmod: http://rafb.net/paste/results/hLO7bZ34.html
[00:18]<fyguw_drgau>looks good.. to me..
[00:18]<pf-rwrd>to me too
[00:19]<fyguw_drgau>one last check...
[00:19]<fyguw_drgau>can you do arp -an in the client and match the mac address of the gateway with the ifconfig output mac address of the gateway
[00:20]<pf-rwrd>yup
[00:20]<pf-rwrd>:(
[00:20]<fyguw_drgau>different?
[00:20]<pf-rwrd>no
[00:20]<pf-rwrd>hmm
[00:20]<pf-rwrd>the switch i'm using is a router...
[00:20]<pf-rwrd>argh
[00:20]<pf-rwrd>why didn't i think about that before
[00:20]<fyguw_drgau>lol
[00:21]<pf-rwrd>could it be eating the FORWARD's?







