help, iptables wont work

smellis · Posted: Thu Nov 14, 2002 1:41 am Post subject: help, iptables wont work

hi,am trying to set up my gentoo system up as a router for my cable modem. iptables is installed but when i try to insmod iptable_nat it says no module by that name found. do i need to emerge something or what?
thanks.

px · Guru Joined: 26 Sep 2002 Posts: 497 Location: Metz, France

you must enable a few things in your kernel:
try this:

networking options -> Network packet filtering
networking options -> netfilter config -> connection tracking
networking options -> netfilter config -> ftp protocol
networking options -> netfilter config -> iptables
networking options -> netfilter config -> connection state match support
networking options -> netfilter config -> packet filtering -> REJECT
networking options -> netfilter config -> full nat -> masquerade
networking options -> netfilter config -> full nat -> redirect
networking options -> netfilter config -> packet mangling
networking options -> netfilter config -> log

(if you build 'hem as module you must modprobe)

cd /usr/src/linux && make dep clean bzImage modules modules_install && cp arch/i386/boot/bzImage /boot && cp System.map /boot && reboot

then under shell prompt:
iptables -F; iptables -t nat -F; iptables -t mangle -F
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward

you may need to emerge iptables

also if you need more details, have a look at the linux doc prj (www.tldp.org) in Masquerading made simple how to

_________________
Nous autres, mordus d'informatique, préférons par-dessus tout passer notre temps à bidouiller nos ordinateurs, plutôt que les utiliser pour faire quelque chose de productif. [Dave Barry]

Craigo · Posted: Thu Nov 14, 2002 11:51 am Post subject:

Take a look over here

http://iptables-tutorial.haringstad.com/

Tons of stuff to learn and trust me, you just want to experiment

Have fun!

-/Craigo/-

chris4linux · Posted: Thu Nov 14, 2002 12:10 pm Post subject:

Craigo · Posted: Thu Nov 14, 2002 12:28 pm Post subject:

I presume you did set a gateway in there?

route add -net default gw $GTWAY netmask 0.0.0.0 metric 1

Where $GTWAY is the router. Check 'route' to see where the packets are going to. And check /var/log/messages as well if you got iptables to log.

-/Craigo/-

chris4linux · Posted: Thu Nov 14, 2002 12:35 pm Post subject:

here are my routing tables:

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 * 255.255.255.0 U 0 0 0 eth1
192.168.123.0 * 255.255.255.0 U 0 0 0 eth0
default 192.168.123.254 0.0.0.0 UG 1 0 0 eth1
default 192.168.123.254 0.0.0.0 UG 1 0 0 eth0

ip_forwarding is '1'. on SuSE it looks:

Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
default 192.168.0.1 0.0.0.0 UG 1 0 0 eth0

know I have disable the iptables...and it didn't work too

(without iptables I can ping every pc, from SuSE to Router, to my pc and so on, but with this didin't work...well...nothing work!)

Thanks,
Chris

PS where can I see the stats where the packets are going?
_________________
NOTICE: alloc: /dev/null: filesystem full