[NTLUG:Discuss] How to masq a static IP with iptables?
Neil Aggarwal
neil at JAMMConsulting.com
Sat Mar 16 13:41:07 CST 2002
Paul:
Sorry, I did not realize that you had used ifconfig instead
of ifcfg. My fault. When I used ifconfig, it worked like a
charm.
Thanks!
Neil
--
Neil Aggarwal
JAMM Consulting, Inc. (972) 612-6056, http://www.JAMMConsulting.com
Custom Internet Development Websites, Ecommerce, Java, databases
> -----Original Message-----
> From: discuss-admin at ntlug.org [mailto:discuss-admin at ntlug.org]On Behalf
> Of Paul Ingendorf
> Sent: Saturday, March 16, 2002 11:59 AM
> To: discuss at ntlug.org
> Subject: RE: [NTLUG:Discuss] How to masq a static IP with iptables?
>
>
> try
> /sbin/ifconfig eth1:1 66.76.52.1 netmask 255.255.255.0 broadcast 66.76.52.255
>
> I would expect you to get those kinds of errors with ifcfg as it
> has a syntax I'm not familiar with.
>
> -----Original Message-----
> From: discuss-admin at ntlug.org [mailto:discuss-admin at ntlug.org]On Behalf
> Of Neil Aggarwal
> Sent: Saturday, March 16, 2002 12:51 AM
> To: discuss at ntlug.org
> Subject: RE: [NTLUG:Discuss] How to masq a static IP with iptables?
>
>
> Paul:
>
> Here is my configuration:
>
> My RedHat 7.2 Linux box has eth0 which is connected to my
> DSL line and eth1 that is connected to an IP switch for my
> internal network.
>
> The new machine has this configuration:
> IP: 66.76.52.105
> Netmask: 255.255.255.0
> Gateway: 66.76.52.1
> Broadcast: 66.76.52.255
>
> I plugged the new machine into my internal network.
>
> I tried to create the additional interface on my Linux
> box using this line, which is translated from yours:
> ifcfg eth1:1 66.76.52.1 netmask 255.255.255.0 broadcast 66.76.52.255
> I got back these error messages:
> Forwarding is ON or its state is unknown (5). OK, No RDISC.
> Error: an inet prefix is expected rather than "inet".
> Error: failed to add 66.76.52.1 peer inet on eth1.
>
> So, I tried just typing:
> ifcfg eth1:1 66.76.52.1
> I got this message:
> Forwarding is ON or its state is unknown (5). OK, No RDISC.
>
> Then I typed the route command:
> route -vF add -net 66.76.52.0 netmask 255.255.255.0 eth1
> This did not report anything back, so I assumed it was OK.
>
> At this point, from the new machine, I can ping machines in my
> internal network, but nothing outside. It does not seem like
> the Linux box is masquerading the new machine.
>
> As a matter of fact, now none of my internal machines can get
> out to the external network. It is fine if I reboot the Linux
> box (since it clears the additional interface and the route), but
> this is definitely not the desired result.
>
> Any suggestions?
>
> Thanks,
> Neil.
>
> --
> Neil Aggarwal
> JAMM Consulting, Inc. (972) 612-6056, http://www.JAMMConsulting.com
> Custom Internet Development Websites, Ecommerce, Java, databases
>
>
> > -----Original Message-----
> > From: discuss-admin at ntlug.org [mailto:discuss-admin at ntlug.org]On Behalf
> > Of Paul Ingendorf
> > Sent: Thursday, March 07, 2002 8:52 PM
> > To: discuss at ntlug.org
> > Subject: RE: [NTLUG:Discuss] How to masq a static IP with iptables?
> >
> >
> > Create an interface with the gateway ip of the gateway for the
> > network the machine will be on then create a default route from
> > your Linux machine to that machine subnet and allow MASQing through it.
> >
> >
> > Like so
> > Your Gateway 192.168.0.1
> > Your Primary Interface eth0
> > New Machines ip 10.0.0.2
> > New Machine netmask
> > New Machines Gateway 10.0.0.1
> >
> > ifconfig eth0:1 10.0.0.2 netmask 255.0.0.0 broadcast 10.255.255.255
> > route -vF add -net 10.0.0.0 netmask 255.0.0.0 eth0
> >
> > This should allow you to work everything like you're asking and it
> > will allow it to perform almost exactly the way it would at the
> > client's site.
>
> _______________________________________________
> http://www.ntlug.org/mailman/listinfo/discuss
>
>
> _______________________________________________
> http://www.ntlug.org/mailman/listinfo/discuss
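
The following is an added example, not code from anyone in this thread: a dry-run shell script that derives the network and broadcast from the gateway address and netmask, then prints the alias-interface line Paul suggested along with masquerade rules limited to that subnet. The iptables rules and the eth0 (DSL) / eth1 (internal) roles are assumptions taken from Neil's description; the thread itself shows no iptables commands.

```shell
#!/bin/sh
# Added example: prints (does not run) the commands for the alias-interface
# setup discussed in this thread. The iptables rules are an assumption; the
# thread shows none. Addresses in the sample call come from Neil's message.

ip_to_int() {   # A.B.C.D -> 32-bit integer
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

int_to_ip() {   # 32-bit integer -> A.B.C.D
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

network_of() {  # IP NETMASK -> network address
    int_to_ip $(( $(ip_to_int "$1") & $(ip_to_int "$2") ))
}

broadcast_of() {  # IP NETMASK -> broadcast address
    addr=$(ip_to_int "$1"); mask=$(ip_to_int "$2")
    int_to_ip $(( (addr & mask) | (~mask & 4294967295) ))
}

prefix_len() {  # NETMASK -> CIDR prefix length (count of 1 bits)
    m=$(ip_to_int "$1"); n=0
    while [ "$m" -ne 0 ]; do
        n=$(( n + (m & 1) )); m=$(( m >> 1 ))
    done
    echo "$n"
}

# masq_plan GATEWAY_IP NETMASK ALIAS_IF WAN_IF
masq_plan() {
    net="$(network_of "$1" "$2")/$(prefix_len "$2")"
    lan_if=${3%%:*}   # netfilter matches the real device, not the eth1:1 alias
    echo "/sbin/ifconfig $3 $1 netmask $2 broadcast $(broadcast_of "$1" "$2")"
    echo "echo 1 > /proc/sys/net/ipv4/ip_forward"
    # Scope NAT and forwarding to the one subnet instead of masquerading everything.
    echo "iptables -t nat -A POSTROUTING -s $net -o $4 -j MASQUERADE"
    echo "iptables -A FORWARD -i $lan_if -o $4 -s $net -j ACCEPT"
    echo "iptables -A FORWARD -i $4 -o $lan_if -d $net -m state --state ESTABLISHED,RELATED -j ACCEPT"
}

masq_plan 66.76.52.1 255.255.255.0 eth1:1 eth0
```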