LinuxQuestions.org - Internet Sharing & nic bridge?

- Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)

- - Internet Sharing & nic bridge? (https://www.linuxquestions.org/questions/linux-networking-3/internet-sharing-and-nic-bridge-51682/)

Internet Sharing & nic bridge?

:Pengy:

Ilustration:

Internet
||
||
eth0
Linux RH 8.0 (with 3 nic)
|| \\
|| eth2 (192.168.0.2) <=> Win 2k (192.168.0.10)
||
eth1(192.168.0.3) <=> Win 2k (192.168.0.70)

Internet sharing and everything else works on eth1 & eth2
(this is done with a iptable script)

Now I Want the 2 win2k to be connected like if the linux pc hade been a switch (or hub). I can see each win2k computer in the others network workgroup but i cant connect. I cant ping either (192.168.0.10 to 192.168.70, vice versa).

[Old problem was that I couldnt ping (etc.) 192.168.0.70 from linux.]

How does the 'route' result from the Linux machine look like? I guess you need to use a command similar to 'route add -host target interface', but I'd like to be sure.

It is a routing problem - all 192 trafic will be being sent out of eth1. The "route" command will let you see the routing table. You can then use "route add -host 192.168.0.10 dev eth1".

Note: this will be lost on reboot - you may want to put it in a startup script.

Yes it helped alot... thanks guys.. (or girls)

hmm i still cant ping from one win2k to the other...

i can see them in the workgroup but i cant connect

You probably don't have IP forwarding enabled - try:
echo "1" > /proc/sys/net/ipv4/ip_forward

nope didnt help...
I have done that already!

but thanks for reply!

Quote:

Originally posted by darchon
hmm i still cant ping from one win2k to the other...

i can see them in the workgroup but i cant connect

Could you copy the error message you get when you try to ping from one Win2k to another?

No... because this morning I reinstalled rh 8
and now I cant get the nic's to work...

I use 3 nic's
eth0 = realtech 8139
eth1 = realtech 8139
eth2 = 3com 905b

I think It has to do with the fact that there are 2 identical nic's (using 8139too.o)

Please tell me if i should post more info!

Now i got it working again..

not the connection between w2k <-> w2k but internetsharing works fine

when I ping it just say "...Timeoute"

Tihs is my firewall script.. should i enter something to allow everything betveen eth1 & eth2 (lan)

Code:

echo -e "\n\nLoading simple rc.firewall...\n"



IPTABLES=/sbin/iptables

DEPMOD=/sbin/depmod

INSMOD=/sbin/insmod



EXTIF="eth0"

INTIF="eth1"

INTIF2="eth2"

echo "  External Interface:  $EXTIF"

echo "  Internal Interface:  $INTIF"

echo "  Internal Interface:  $INTIF2"



echo -en "  loading modules: "



echo "  - Verifying that all kernel modules are ok"

$DEPMOD -a



echo "----------------------------------------------------------------------"

echo -en "ip_tables, "

$INSMOD ip_tables



echo -en "ip_conntrack, "

$INSMOD ip_conntrack



echo -en "ip_conntrack_ftp, "

$INSMOD ip_conntrack_ftp



echo -en "ip_conntrack_irc, "

$INSMOD ip_conntrack_irc



echo -en "iptable_nat, "

$INSMOD iptable_nat



echo -en "ip_nat_ftp, "

$INSMOD ip_nat_ftp



echo -e "ip_nat_irc"

$INSMOD ip_nat_irc



echo "----------------------------------------------------------------------"

echo -e "  Done loading modules.\n"



echo "  Enabling forwarding.."

echo "1" > /proc/sys/net/ipv4/ip_forward



echo "  Enabling DynamicAddr.."

echo "1" > /proc/sys/net/ipv4/ip_dynaddr



#-----------------------------------------------------------------

#Clearing any previous configuration

#

#  Unless specified, the defaults for INPUT and OUTPUT is ACCEPT

#    The default for FORWARD is DROP (REJECT is not a valid policy)

#------------------------------------------------------------------

echo "  Clearing any existing rules and setting default policy.."

$IPTABLES -P INPUT ACCEPT

$IPTABLES -F INPUT

$IPTABLES -P OUTPUT ACCEPT

$IPTABLES -F OUTPUT



#-----------------------------------------------------------------

#Clearing any previous configuration

#

#  Unless specified, the defaults for INPUT and OUTPUT is ACCEPT

#    The default for FORWARD is DROP (REJECT is not a valid policy)

#------------------------------------------------------------------

echo "  Clearing any existing rules and setting default policy.."

$IPTABLES -P INPUT ACCEPT

$IPTABLES -F INPUT

$IPTABLES -P OUTPUT ACCEPT

$IPTABLES -F OUTPUT

$IPTABLES -P FORWARD DROP

$IPTABLES -F FORWARD

$IPTABLES -t nat -F



#$IPTABLES -t nat -A PREROUTING -p tcp -i eth2 --dport 80 -j DNAT --to-destination 192.168.0.10:80

#$IPTABLES -A FORWARD -i eth2 -p tcp -d 192.168.0.10 --dport 80 -j ACCEPT



echo "  FWD: Allow all connections OUT and only existing and related ones IN"

$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT

$IPTABLES -A FORWARD -i $EXTIF -o $INTIF2 -m state --state ESTABLISHED,RELATED -j ACCEPT

$IPTABLES -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT

$IPTABLES -A FORWARD -i $INTIF2 -o $EXTIF -j ACCEPT



$IPTABLES -A FORWARD -j LOG



echo "  Enabling SNAT (MASQUERADE) functionality on $EXTIF"

$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE



echo -e "\nrc.firewall-2.4 v$FWVER done.\n"

Suggestions???
I am a Noob so if u see something in there u feel I should change, dont hesitate. Post!

I would also want to know what im doing wrong, not geting the forwarding of port 80 to my http server (192.168.0.10) (about line 20 from the bottom in the script)

Code:

Here are my route table:

Kernel IP routing table

Destination    Gateway        Genmask        Flags Metric Ref    Use Iface

192.168.0.10    *              255.255.255.255 UH    0      0        0 eth2

192.168.0.70    *              255.255.255.255 UH    0      0        0 eth1

192.168.0.0    *              255.255.255.0  U    0      0        0 eth2

192.168.0.0    *              255.255.255.0  U    0      0        0 eth2

130.239.145.0  *              255.255.255.0  U    0      0        0 eth0

127.0.0.0      *              255.0.0.0      U    0      0        0 lo

default        130.239.145.1  0.0.0.0        UG    0      0        0 eth0

The route:

Code:

192.168.0.10 * 255.255.255.255 UH 0 0 0 eth2

Should use eth1 (this should help the port 80 problem too)
and im not quite sure what these are doing

Code:

192.168.0.70    *              255.255.255.255 UH    0      0        0 eth1

192.168.0.0    *              255.255.255.0  U    0      0        0 eth2

192.168.0.0    *              255.255.255.0  U    0      0        0 eth2

ohh... sorry forgot to change the info in the first post...

I have changed the configuration a bit...

now i have edited the first post so that it should be up2date to

In that case use eth0
In the routing table you are saying to access 192.168.0.10 use eth2 but 192.168.0.10 is attached to eth0. You will need to do this for both green NICs.

no... *check the first post*
internet is connected to eth0
192.168.0.70 is connected to eth1
192.168.0.10 is connected to eth2

evrything works exept for portforwarding and connectivety 192.168.0.10 <==> 192.168.0.70

Code:

Kernel IP routing table

Destination    Gateway        Genmask        Flags Metric Ref    Use Iface

192.168.0.10    *              255.255.255.255 UH    0      0        0 eth2

192.168.0.70    *              255.255.255.255 UH    0      0        0 eth1

192.168.0.0    *              255.255.255.0  U    0      0        0 eth2

130.239.145.0  *              255.255.255.0  U    0      0        0 eth0

127.0.0.0      *              255.0.0.0      U    0      0        0 lo

default        130.239.145.1  0.0.0.0        UG    0      0        0 eth0