[WBEL-users] iptables
Nayana Hettiarachchi <nayanah@gmail.com>
Fri, 17 Sep 2004 01:40:18 -0700
Thanks, Jean, but I actually fixed it. The problem was that I didn't have a
routing entry on 192.168.5.201 to 192.168.0.0/24 and my router IP
wasn't set as the default gateway. Well, anyway, it's working now. Just
so that you know, I was just playing around with too many devices, eheheh:

Internet <---- Router A <---- Network A ---> Linux Box (WBEL) <-- Network B --> Router B--> Internet

So I went ahead and added static routes on both Router A and Router B
to forward packets through the WBEL so I don't have to do it on every
host on both networks.

Thanks for the information though :)
Nayana
On Fri, 17 Sep 2004 09:54:03 +0200, Jean LEE <jean_lee_3@hotmail.com> wrote:
> Try to modify your iptables rules in order to obtain the following (type
> iptables -L -v -n to obtain all the information)
>
> [root@lw01 root]# iptables -L
> Chain INPUT (policy ACCEPT)
> target  prot opt in    out   source           destination
> ACCEPT  all  --  eth0  *     192.168.0.0/24   0.0.0.0/0 (or perhaps eth0 IP address)
> ACCEPT  all  --  eth1  *     192.168.5.0/24   0.0.0.0/0 (or perhaps eth1 IP address)
>
> Chain FORWARD (policy ACCEPT)
> target  prot opt in    out   source           destination
> ACCEPT  all  --  eth0  eth1  192.168.0.0/24   192.168.5.0/24
> ACCEPT  all  --  eth1  eth0  192.168.5.0/24   192.168.0.0/24
>
> Chain OUTPUT (policy ACCEPT)
> target  prot opt in    out   source           destination
> ACCEPT  all  --  *     eth0  192.168.0.0/24 (or perhaps eth0 IP address)   192.168.0.0/24
> ACCEPT  all  --  *     eth1  192.168.5.0/24 (or perhaps eth0 IP address)   192.168.5.0/24
>
> I think it should work but it's not the only solution. You can customize the
> source and destination IP addresses to meet your needs. As a general rule, you
> have to accept incoming and outgoing packets on a network card and not only
> do the forwarding.
>
> Hope this helps,
>
> Jean
>
>
>
>
> ----- Original Message -----
> From: "Nayana Hettiarachchi" <nayanah@gmail.com>
> To: <whitebox-users@beau.org>
> Sent: Friday, September 17, 2004 6:24 AM
> Subject: [WBEL-users] iptables
>
> > Hey guys,
> >
> > I am just playing around with a box with 2 NICs and trying to set up a
> > router
> >
> > eth0 on 192.168.0.0/24 and eth1 on 192.168.5.0/24
> >
> > I set up IP forwarding and set up a chain in iptables to forward to both
> > sides,
> >
> >
> > [root@lw01 root]# iptables -L
> > Chain INPUT (policy ACCEPT)
> > target prot opt source destination
> >
> > Chain FORWARD (policy ACCEPT)
> > target prot opt source destination
> > ACCEPT all -- 192.168.0.0/24 192.168.5.0/24
> > ACCEPT all -- 192.168.5.0/24 192.168.0.0/24
> >
> > Chain OUTPUT (policy ACCEPT)
> > target prot opt source destination
> >
> >
> > I am trying to ping from 192.168.0.2 to 192.168.5.201 and I am not
> > getting a ping reply,
> >
> > when I do a tcpdump on the router box I can see the requests being
> > forwarded
> >
> > [root@lw01 root]# tcpdump
> > tcpdump: listening on eth0
> > 20:21:02.407612 192.168.0.2 > 192.168.5.201: icmp: echo request
> > 20:21:07.413741 192.168.0.2 > 192.168.5.201: icmp: echo request
> >
> >
> > and if I do a tcpdump on 5.201 I see the requests coming and a reply
> > is being sent, but I don't see that reply on the router. Any idea?
> >
> > Thanks in advance
> >
> > Nayana
> > _______________________________________________
> > Whitebox-users mailing list
> > Whitebox-users@beau.org
> > http://beau.org/mailman/listinfo/whitebox-users
> >
>
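
The failure resolved in this thread, as an added example that is not part of the original messages: a longest-prefix-match trace of the echo reply from 192.168.5.201 back to 192.168.0.2, before and after a static route for 192.168.0.0/24 is added on Router B. The node names, and the assumption that 192.168.5.201 used Router B as its default gateway, are constructed for illustration.

```python
import ipaddress

def lookup(table, dst):
    """Longest-prefix match; returns the next-hop name or None if no route."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, hop in table:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, hop)
    return best[1] if best else None

def trace(tables, start, dst, max_hops=8):
    """Follow next hops from `start` until delivery, the Internet, or a dead end."""
    path, node = [start], start
    for _ in range(max_hops):
        hop = lookup(tables[node], dst)
        path.append(hop if hop else "no-route")
        if hop not in tables:  # "on-link", "internet" or None: stop here
            break
        node = hop
    return path

def topology(router_b_static):
    """Constructed routing tables for the Network B side of the diagram."""
    router_b = [("192.168.5.0/24", "on-link"), ("0.0.0.0/0", "internet")]
    if router_b_static:
        # The fix from the thread: Router B sends Network A traffic to the WBEL box.
        router_b.append(("192.168.0.0/24", "wbel"))
    return {
        # Assumption: the host only knows its own subnet plus a default via Router B.
        "host-5.201": [("192.168.5.0/24", "on-link"), ("0.0.0.0/0", "router-b")],
        "router-b": router_b,
        "wbel": [("192.168.0.0/24", "on-link"), ("192.168.5.0/24", "on-link")],
    }

if __name__ == "__main__":
    for fixed in (False, True):
        label = "with static route" if fixed else "without static route"
        print(label, "->", " -> ".join(trace(topology(fixed), "host-5.201", "192.168.0.2")))
```

Without the static route the reply never reaches the WBEL box, so the FORWARD rules there are never consulted for it, which matches the tcpdump showing requests but no replies on the router.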