>>Apologies if this is not the correct list.
>>I have a linux box with kernel 22.214.171.124 which I am trying to configure
>>as a router. I have a cable modem connected to a firewall/router
>>(192.168.2.1). The linux box (yoda 192.168.2.4, 192.168.1.1) is
>>connected to the firewall/router. Also connected to yoda is another
>>network (with computer foo 192.168.1.3). I can access the internet from
>>yoda and I can access yoda from foo, but I cannot access the internet
>>yoda has the correct interface configuration and routing table
>>192.168.2.0 * 255.255.255.0 eth1
>>192.168.1.0 * 255.255.255.0 eth0
>>default 192.168.2.1 0.0.0.0 eth1
>>and I have ip forwarding enabled:
>>$ cat /proc/sys/net/ipv4/ip_forward
>> From what I have found in the HOWTOs and documentation this is all I
>>should have to do.
>>I do not need to do any masquerading so I do not see the need for
>>netfiltering, is this assumption correct?
> Not necessarily. Your router likely has no knowledge of, or any clue, how
> to route your 192.168.1.0/24 network.
> - If your router is capable of static routing, you could use yoda
> 192.168.2.4 on it as a gateway for 192.168.1.0/24 network.
> - Or if your router is capable of setting a 255.255.0.0 netmask, you could
> enable proxy arp on eth1, so it would answer arp for eth0:
> echo 1 > /proc/sys/net/ipv4/conf/eth1/proxy_arp
> - Or even if netmask on router is limited to 255.255.255.0 you could set
> eth0 to a portion of eth1 network and enable proxy_arp on eth1. For
> example based on my wireless subnet, you could set eth0 to 192.168.2.241
> netmask 255.255.255.249 broadcast 192.168.2.247 and have useable IPs on
> eth0 .242 - .246. PC(s) on eth0 would use eth0 IP as gateway. With
> proxy_arp enabled for eth1, it would answer arp requests for eth0 net,
> making it one happy LAN.
> - Or if all else fails, use iptables to masquerade your eth0 network as
> your eth1 IP.
gateway for the 192.168.1.0/24 network, so packets should theoretically
be able to be returned.
However, all else failed and I tried to use iptables to masquerage the
eth0 network. I had the most liberal forwarding policy possible.
Unfortunately this did not work.
It seems that, for some reason, packets are not being forwared from eth0
I can ping yoda from foo. I can ping the firewall from yoda. I cannot
ping the firewall from foo.
As I mentioned earlier, I have ip_forward enabled.
* Synchronet * The Whitehouse BBS --- whitehouse.hulds.com --- check it out free usenet!
--- Synchronet 3.15a-Win32 NewsLink 1.92
Time Warp of the Future BBS - telnet://time.synchro.net:24