Message-ID: <45AAB2A7.5070201@exceedtech.net>
Date: Sun, 14 Jan 2007 16:45:59 -0600
From: Dale
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Setting up a home router

Daniel Pielmeier wrote:
> Hi,
>
> I have a similar problem like Dale in this thread [gentoo-user] Need
> help networking two machines, but i think it is not exactly the same.
>
> I was trying to set up a home router following the
> gentoo-home-router-guide
> http://www.gentoo.org/doc/de/home-router-howto.xml
> with shorewall as firewall following the two-interfaces-guide
> http://www.shorewall.net/two-interface.htm.
>
> I can connect from the router to the internet.
> I can log in from the router to the desktop per ssh and back.
> I have set up an rsync on the router and rsync works from the desktop.
> I have set up dnsmasq on the server and dns is working on the desktop.
> I can ping between router and desktop and from the router to the internet
>
> I have set up an ntp on the router but ntp from the desktop gives me.
> 14 Jan 20:25:53 ntpdate[31522]: no server suitable for synchronization
> found
>
> I can't ping from the desktop to the internet.
> ping www.gentoo.org
> PING www.gentoo.org (38.99.64.202) 56(84) bytes of data.
>
> --- www.gentoo.org ping statistics ---
> 13 packets transmitted, 0 received, 100% packet loss, time 11999ms
>
> As you can see the address is resolved but i get 100% packet loss.
> Until now i have spent much time on this issues, so i hope to solve
> these problems with your help.
> I have added the configurations which may help you to discover my
> problem below. First the router configuration and then the desktop
> configuration.
> I hope i did not forget anything as it is very much, but if anything
> you need is missing please ask for it.
>
> Thanks Daniel
>
>

Hi,

I used this script a long time ago. It worked until iptables got changed. It still worked but it gave a few errors. Maybe some guru can look at this and update it for us both. Then maybe I can get someone to upgrade the script on the site. I had to edit the very first bit about which interface is what.
Here it is:

> #!/bin/bash
> IPTABLES='/sbin/iptables'
> # Set interface values
> EXTIF='ppp0'
> #INTIF0='eth0'
> INTIF1='eth0'
> INTIF2='eth1'
> INTIF3='eth2'
>
> # enable ip forwarding in the kernel
> /bin/echo 1 > /proc/sys/net/ipv4/ip_forward
> # flush rules and delete chains
> $IPTABLES -F
> $IPTABLES -X
> # enable masquerading to allow LAN internet access
> $IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
> # forward LAN traffic from $INTIF1 to Internet interface $EXTIF
> $IPTABLES -A FORWARD -i $INTIF1 -o $EXTIF -m state --state
> NEW,ESTABLISHED -j ACCEPT
> # forward LAN traffic from $INTIF2 to Internet interface $EXTIF
> $IPTABLES -A FORWARD -i $INTIF2 -o $EXTIF -m state --state
> #NEW,ESTABLISHED -j ACCEPT
> #echo -e " - Allowing access to the SSH server"
> $IPTABLES -A INPUT --protocol ssh --dport 22 -j ACCEPT
> #echo -e " - Allowing access to the HTTP server"
> $IPTABLES -A INPUT --protocol tcp --dport 80 -j ACCEPT
> # block out all other Internet access on $EXTIF
> $IPTABLES -A INPUT -i $EXTIF -m state --state NEW,INVALID -j DROP
> $IPTABLES -A FORWARD -i $EXTIF -m state --state NEW,INVALID -j DROP
>

OK. Now some guru help us out here. LOL

I got to redo my install on my second machine. I rebooted it and it is in awful shape. I think something is wrong with a init script. It boots the kernel but errors out trying to enter a run level. Portage can't complete a compile either. It complains about the date not being set, but it is. I need to get the rust out anyway on installing. Yup, the old command line way. I boot gentoo nox. LOL I have to use the 2005.1 install guide though. :-(

Supper time.

Dale

:-) :-) :-) :-)

--
www.myspace.com/dalek1967
--
gentoo-user@gentoo.org mailing list
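
An added example, not part of Dale's message or of the Gentoo guide: the ruleset from the script above written as `iptables-restore` input, with `-p tcp` on the SSH rule, the eth1 forward rule on one line, and `-m conntrack --ctstate` in place of `-m state --state`. `LAN_IFS`, `build_rules`, the `apply` argument and the file name `router-rules.sh` are names made up for this example; the interface names are the ones in the post.

```shell
#!/bin/sh
# Added example: the post's ruleset as iptables-restore input (loaded in one go).
# EXTIF and the two LAN interfaces are the values from the post.
EXTIF="${EXTIF:-ppp0}"
LAN_IFS="${LAN_IFS:-eth0 eth1}"   # hypothetical variable replacing INTIF1/INTIF2

# Print the ruleset on stdout; nothing is applied by this function.
build_rules() {
    echo '*nat'
    echo ':POSTROUTING ACCEPT [0:0]'
    # iptables-restore flushes the table first, so reruns do not stack
    # duplicate MASQUERADE rules (the post's "-F" only flushed filter)
    echo "-A POSTROUTING -o $EXTIF -j MASQUERADE"
    echo 'COMMIT'
    echo '*filter'
    # policies stay ACCEPT, which the post's script relies on
    echo ':INPUT ACCEPT [0:0]'
    echo ':FORWARD ACCEPT [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'
    # one complete forward rule per LAN interface
    for lan in $LAN_IFS; do
        echo "-A FORWARD -i $lan -o $EXTIF -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT"
    done
    # "ssh" is a service, not an IP protocol; --dport needs -p tcp in front.
    # As in the post, these two rules match on every interface, ppp0 included.
    echo '-A INPUT -p tcp --dport 22 -j ACCEPT'
    echo '-A INPUT -p tcp --dport 80 -j ACCEPT'
    # drop new or invalid packets arriving from the Internet side
    echo "-A INPUT -i $EXTIF -m conntrack --ctstate NEW,INVALID -j DROP"
    echo "-A FORWARD -i $EXTIF -m conntrack --ctstate NEW,INVALID -j DROP"
    echo 'COMMIT'
}

# Apply only when called as: sh router-rules.sh apply   (needs root)
if [ "${1:-}" = "apply" ]; then
    echo 1 > /proc/sys/net/ipv4/ip_forward
    build_rules | iptables-restore
fi
```

Run without arguments and call `build_rules` to inspect the generated rules before loading them.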