Daniel Pielmeier wrote:
> Hi,
>
> I have a similar problem like Dale in this thread [gentoo-user] Need
> help networking two machines, but I think it is not exactly the same.
>
> I was trying to set up a home router following the
> gentoo-home-router-guide
> http://www.gentoo.org/doc/de/home-router-howto.xml
> with shorewall as firewall following the two-interfaces-guide
> http://www.shorewall.net/two-interface.htm.
>
> I can connect from the router to the internet.
> I can log in from the router to the desktop per ssh and back.
> I have set up an rsync on the router and rsync works from the desktop.
> I have set up dnsmasq on the server and dns is working on the desktop.
> I can ping between router and desktop and from the router to the internet
>
> I have set up an ntp on the router but ntp from the desktop gives me.
> 14 Jan 20:25:53 ntpdate[31522]: no server suitable for synchronization
> found
>
> I can't ping from the desktop to the internet.
> ping www.gentoo.org
> PING www.gentoo.org (38.99.64.202) 56(84) bytes of data.
>
> --- www.gentoo.org ping statistics ---
> 13 packets transmitted, 0 received, 100% packet loss, time 11999ms
>
> As you can see the address is resolved but I get 100% packet loss.
> Until now I have spent much time on these issues, so I hope to solve
> these problems with your help.
> I have added the configurations which may help you to discover my
> problem below. First the router configuration and then the desktop
> configuration.
> I hope I did not forget anything as it is very much, but if anything
> you need is missing please ask for it.
>
> Thanks Daniel
>
>

Hi,

I used this script a long time ago. It worked until iptables got changed. It still worked but it gave a few errors. Maybe some guru can look at this and update it for us both. Then maybe I can get someone to upgrade the script on the site. I had to edit the very first bit about which interface is what. Here it is:

> #!/bin/bash
> IPTABLES='/sbin/iptables'
> # Set interface values
> EXTIF='ppp0'
> #INTIF0='eth0'
> INTIF1='eth0'
> INTIF2='eth1'
> INTIF3='eth2'
>
> # enable ip forwarding in the kernel
> /bin/echo 1 > /proc/sys/net/ipv4/ip_forward
> # flush rules and delete chains
> $IPTABLES -F
> $IPTABLES -X
> # enable masquerading to allow LAN internet access
> $IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
> # forward LAN traffic from $INTIF1 to Internet interface $EXTIF
> $IPTABLES -A FORWARD -i $INTIF1 -o $EXTIF -m state --state
> NEW,ESTABLISHED -j ACCEPT
> # forward LAN traffic from $INTIF2 to Internet interface $EXTIF
> $IPTABLES -A FORWARD -i $INTIF2 -o $EXTIF -m state --state
> #NEW,ESTABLISHED -j ACCEPT
> #echo -e " - Allowing access to the SSH server"
> $IPTABLES -A INPUT --protocol ssh --dport 22 -j ACCEPT
> #echo -e " - Allowing access to the HTTP server"
> $IPTABLES -A INPUT --protocol tcp --dport 80 -j ACCEPT
> # block out all other Internet access on $EXTIF
> $IPTABLES -A INPUT -i $EXTIF -m state --state NEW,INVALID -j DROP
> $IPTABLES -A FORWARD -i $EXTIF -m state --state NEW,INVALID -j DROP
>

OK. Now some guru help us out here. LOL

I got to redo my install on my second machine. I rebooted it and it is in awful shape. I think something is wrong with an init script. It boots the kernel but errors out trying to enter a run level. Portage can't complete a compile either. It complains about the date not being set, but it is. I need to get the rust out anyway on installing. Yup, the old command line way. I boot gentoo nox. LOL I have to use the 2005.1 install guide though. :-(

Supper time.

Dale

:-) :-) :-) :-)

--
www.myspace.com/dalek1967
--
gentoo-user@gentoo.org mailing list
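
Added example, not part of Dale's post or of the Gentoo guide: one way to write the NAT script quoted above so that iptables accepts every rule, keeping the same interfaces and the same open ports (22 and 80). The `run` helper, the `DRY_RUN` and `INTIFS` variables, the default-deny policies and the use of the conntrack match are choices made for this example; by default it only prints the commands.

```bash
#!/bin/bash
# Added example (not the original script). Prints the commands by default;
# run as root with DRY_RUN=0 to apply them.
IPTABLES="${IPTABLES:-/sbin/iptables}"
EXTIF="${EXTIF:-ppp0}"          # Internet-facing interface, as in the post
INTIFS="${INTIFS:-eth0 eth1}"   # LAN interfaces, as in the post
DRY_RUN="${DRY_RUN:-1}"         # hypothetical switch for this example

# Print the command in dry-run mode, execute it otherwise.
run() {
    if [ "$DRY_RUN" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}

nat_router_rules() {
    # Flush old rules and user chains in the filter and nat tables.
    run "$IPTABLES" -F
    run "$IPTABLES" -X
    run "$IPTABLES" -t nat -F
    # Default-deny for inbound and forwarded packets (choice of this example).
    run "$IPTABLES" -P INPUT DROP
    run "$IPTABLES" -P FORWARD DROP
    run "$IPTABLES" -P OUTPUT ACCEPT
    # Loopback, plus replies belonging to connections already tracked.
    run "$IPTABLES" -A INPUT -i lo -j ACCEPT
    run "$IPTABLES" -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    run "$IPTABLES" -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    for lan in $INTIFS; do
        # LAN hosts may reach the router itself (DNS, NTP, SSH, rsync) ...
        run "$IPTABLES" -A INPUT -i "$lan" -j ACCEPT
        # ... and may open new connections towards the Internet.
        run "$IPTABLES" -A FORWARD -i "$lan" -o "$EXTIF" \
            -m conntrack --ctstate NEW -j ACCEPT
    done
    # --dport is only valid after -p tcp or -p udp; "ssh" is a port name,
    # not a protocol, so "--protocol ssh" is rejected by iptables.
    run "$IPTABLES" -A INPUT -p tcp --dport 22 -j ACCEPT
    run "$IPTABLES" -A INPUT -p tcp --dport 80 -j ACCEPT
    # Rewrite the source address of LAN traffic leaving through $EXTIF.
    run "$IPTABLES" -t nat -A POSTROUTING -o "$EXTIF" -j MASQUERADE
    # Turn on routing last, once the filter rules are in place.
    run sysctl -w net.ipv4.ip_forward=1
}

nat_router_rules
```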