From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1IVVPV-00039L-3L for garchives@archives.gentoo.org; Wed, 12 Sep 2007 16:49:53 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.14.0/8.14.0) with SMTP id l8CGfAGK003144; Wed, 12 Sep 2007 16:41:10 GMT Received: from smtp13.unit.tiscali.de (smtp11.unit.tiscali.de [213.205.33.47]) by robin.gentoo.org (8.14.0/8.14.0) with ESMTP id l8CGZrvS028754 for ; Wed, 12 Sep 2007 16:35:53 GMT Received: from [10.161.19.81] (212.23.126.8) by smtp13.unit.tiscali.de (7.3.122) (authenticated as f.philipp@addcom.de) id 46B409840001DEE1 for gentoo-user@lists.gentoo.org; Wed, 12 Sep 2007 18:35:53 +0200 Message-ID: <46E8155D.9050507@addcom.de> Date: Wed, 12 Sep 2007 18:35:41 +0200 From: Florian Philipp User-Agent: Thunderbird 2.0.0.6 (X11/20070906) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Need help with routing References: <46DA8845.4000603@addcom.de> <46DA8C7B.9050107@bellsouth.net> <20070903141607.7c436db1@pascal.spore.ath.cx> <46E57639.8060101@addcom.de> <46E593F7.8090406@addcom.de> <20070910224820.38f039d7.hilse@web.de> <46E6B4AB.4070904@addcom.de> <20070911181858.9fafbcd2.hilse@web.de> <46E6C76C.50604@addcom.de> <20070911202150.4a86018f.hilse@web.de> <46E6EEB2.2000808@addcom.de> <20070911221001.926365fc.hilse@web.de> In-Reply-To: <20070911221001.926365fc.hilse@web.de> X-Enigmail-Version: 0.95.2 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Archives-Salt: d1bad908-1f05-4590-ad1a-bd2ce549092d X-Archives-Hash: 009d743aadf24ecccbd0341049411064 Hans-Werner Hilse schrieb: > Hi, > > On Tue, 11 Sep 2007 21:38:26 +0200 > Florian Philipp wrote: > >> Now the kernel can handle connection state matching :) >> >> I can apply your rules with one exception: >> iptables -A POSTROUTING -o ppp0 -j MASQUERADE >> >> The same error message as before. > > But a different cause: My brain ;-) That should rather read > $ iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE > (I forgot the "-t nat") > > There is, however, a kernel configuration needed for masquerading, too > (CONFIG_IP_NF_TARGET_MASQUERADE on newer kernels, you can search for it > -- or just "MASQUERADE" on older kernels -- using the "/" key in the > kernel's menuconfig). So if iptables keeps complaining, check that too. > > BTW: I'm starting to really hate the HOWTO that much that I might even > consider editing it. The HOWTO got this command wrong as well: It > MASQUERADEs the connections going out to the LAN interface... > > For a proper durable setup, after performing all steps manually until > you have iptables in the way, you should issue > $ /etc/init.d/iptables save > and have iptables fire up using rc-update, if not yet done. Also put > the sysctl setting in /etc/sysctl.conf. Then routing/masquerading will > be set up right on each boot. > > -hwh > Thank you for your patience, it's finally working! If you don't edit the wiki, I'll do it (sooner or later). Just tell me if you don't want to see your name when I give you credit for the settings. -- gentoo-user@gentoo.org mailing list