LinHES Forums http://forum.linhes.org/ |
help with masquerade / internet sharing http://forum.linhes.org/viewtopic.php?f=6&t=19424 |
Author: | smkranz0506 [ Mon Jan 12, 2009 11:44 pm ] |
Post subject: | help with masquerade / internet sharing |
Hello,

I currently have a Debian box as a router / mail server to share internet to my home network (Debian 3.1 updated to 4.0). I then have a KM R5.5 box set up alongside this. Seeing the KM box is running 24/7, I wanted to add firewall, mail and internet sharing to it and then stop the Debian box (saves an extra box running 24/7).

I have added a second NIC and rebuilt the kernel using the moblock howto in the forum to get the iptables features in the kernel. The iptable_nat module and friends are loaded when I add iptables rules. External and internal interfaces are set up OK. I can connect to the internet from the KM box directly.

However, using the same iptables rules as on my Debian box, which includes the ipv4.ip_forward = 1 sysctl command, I cannot fully access the net from my home network. E.g., when I start my browser and point it at www.google.com.au, it just sits there and does nothing. It doesn't even show me any error message. I thought it might be DNS settings; however, I can ping websites from the home network successfully.

Can anyone give advice on what to check for next? All googling just talks about setting ipv4.ip_forward = 1. At the moment I am out of ideas. If you want logs, please let me know and I can post.

Any help would be appreciated.

Thanks,
Simon |
Author: | cecil [ Tue Jan 13, 2009 11:22 pm ] |
Any Debian how-to should work the same on KnoppMyth. If it doesn't, you should post specific details on where it is failing. Please note: KnoppMyth wasn't built w/ security in mind. That isn't to say it is wide open. We do take some items into consideration. However should things are quite obvious. You should also realize that MythTV wasn't built w/ security in mind as "it would affect performance". |
Author: | smkranz0506 [ Mon Jan 19, 2009 3:09 am ] |
Hello,

Thanks for the reply. Here is an attempt to give more specific info:

I have IP forwarding switched on using

    sysctl -w net.ipv4.ip_forward=1 >/dev/null

I have iptables set up for forwarding as follows:

    iptables -A POSTROUTING -t nat -o $EXTIF -j MASQUERADE
    iptables -A FORWARD -i $INTIF -j ACCEPT
    iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

These commands I use exactly the same on my older Debian box and it all works.

The internal IP of the mythbox which I want to act as router is 192.168.2.105. The IP of the additional desktop machine (running Win XP and Debian lenny) is 192.168.2.2 and has gateway and DNS set as 192.168.2.105.

I can successfully ping the outside world (e.g. www.google.com) from the mythbox and the desktop, but when I type www.google.com in a browser on the desktop, I get nothing. I mean nothing... no browser error, no timeouts, no "no network" message etc. But everything works perfectly when I use the older Debian box.

All Debian guides I look at mention the above iptables commands and the IP forwarding with sysctl. That's it.

Can anyone provide more help?

Simon |
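The sysctl and the three rules quoted in the post above can be checked against what the kernel actually has loaded rather than against the script that was meant to load them. The following is an added example, not part of the original thread: the function names, the interface names eth0/eth1 and the embedded dump are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): audit iptables-save output for the
# rules quoted in the post. Names and sample data are constructed.

# Print only the lines of one table (nat, filter, ...) from iptables-save output.
table_of() {
    awk -v want="*$1" '/^\*/ { cur = $1 } cur == want'
}

# ip_forward_on [FILE]: true when the kernel forwarding switch reads 1.
ip_forward_on() {
    [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}" 2>/dev/null)" = 1 ]
}

# check_masq EXTIF INTIF < iptables-save output
# Prints one line per absent rule; returns the number of absent rules.
check_masq() {
    extif=$1; intif=$2; missing=0
    dump=$(cat)
    nat=$(printf '%s\n' "$dump" | table_of nat)
    filter=$(printf '%s\n' "$dump" | table_of filter)

    printf '%s\n' "$nat" |
        grep -Eq -- "^-A POSTROUTING( .*)? -o $extif( .*)? -j MASQUERADE" ||
        { echo "missing: nat POSTROUTING -o $extif -j MASQUERADE"; missing=$((missing + 1)); }

    printf '%s\n' "$filter" |
        grep -Eq -- "^-A FORWARD( .*)? -i $intif( .*)? -j ACCEPT" ||
        { echo "missing: filter FORWARD -i $intif -j ACCEPT"; missing=$((missing + 1)); }

    # iptables-save may list the states in either order, or as conntrack --ctstate.
    printf '%s\n' "$filter" |
        grep -Eq -- "^-A FORWARD .*--(ct)?state (ESTABLISHED,RELATED|RELATED,ESTABLISHED) .*-j ACCEPT" ||
        { echo "missing: filter FORWARD ESTABLISHED,RELATED -j ACCEPT"; missing=$((missing + 1)); }

    return "$missing"
}

# Constructed sample: what iptables-save prints once the post's rules are loaded.
SAMPLE_OK='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -i eth1 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT'

printf '%s\n' "$SAMPLE_OK" | check_masq eth0 eth1 && echo "all three rules present"
```

On the router itself, run as root: `iptables-save | check_masq "$EXTIF" "$INTIF"` and `ip_forward_on`. A rule reported missing here means the script's commands did not take effect on this kernel build.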
All times are UTC - 6 hours |