Linux1<-->router (cyclades)<-->leased line<-->router(cyclades)<-->Linux2<-->router(cisco)<-->Internet
Tim E Patterson
timep@say2u.com
Mon, 21 Jan 2002 23:01:00 +0700
Hi,
The subject line summarizes my setup.

I'm running Redhat 7.2 (kernel 2.4.17), connected to another RH7.2 by a leased line, and connected to the Internet via leased line.

I've been thru many examples, but haven't seen any setup like this. What I want to be able to do, if possible, is masquerade to the Internet from Linux 1 thru Linux 2

Linux1:
internal network: 192.168.0.0
eth0: 192.168.0.11
router (cyclades PS1000): 192.168.0.4

Linux 2:
internal net: 192.168.1.0
eth1: 192.168.1.11
router: 192.168.1.2
eth0 (to Internet): 202.155.199.148
cisco: 202.155.199.145

I've set all my gateways with /sbin/route add .... gw,

Destination    Gateway
Linux 1:
192.168.1.0    192.168.0.4
Linux 2:
192.168.0.0    192.168.1.2,

so that from Linux 1, I can ping any computer connected to Linux 2 and vice versa, and I can ping the cisco router, 202.155.199.145 and eth0 on Linux 2, 202.155.199.148 from Linux 1 (192.168.0.11), and I've tried various iptables setups, but still can't get any packets back to Linux1 from the Internet. I'm running iptables on Linux 1 and Linux 2.

I can masquerade to the Internet from any client connected to Linux 2. I can masquerade from clients connected to Linux 1 to Linux 2's webserver. I can dig on Linux 1 and get dns responses from the Internet, but no packets.

Is it possible to do this without installing any additional software ? Or, if not, what do I need ?

If somebody has an answer, we can post it to http://www.linuxguruz.org/iptables/, among others.
Heeeeeelllllllllllppppppppp !!!!!
Thanx in advance.
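
One way to express the setup asked about above, as an added example that is not part of the original post: Linux 2 masquerades both internal networks out eth0, and Linux 1 sends non-local traffic to its Cyclades router. Addresses and interface names are taken from the post; the /24 masks, the DRY_RUN switch and the function names are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post). Addresses and interfaces come
# from the post; the /24 masks, DRY_RUN and function names are assumptions.

WAN_IF=eth0                   # Linux 2, Internet side (202.155.199.148)
LAN_IF=eth1                   # Linux 2, internal side (192.168.1.11)
LOCAL_NET=192.168.1.0/24      # network behind Linux 2
REMOTE_NET=192.168.0.0/24     # network behind Linux 1, reached via 192.168.1.2
DRY_RUN=${DRY_RUN:-1}         # 1 = print the commands, 0 = execute them

run() {
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

# Run on Linux 2. The return route 192.168.0.0 via 192.168.1.2 from the
# post's routing table must stay in place so replies can reach Linux 1.
linux2_rules() {
    run sysctl -w net.ipv4.ip_forward=1
    # Let replies to connections opened from the inside back in.
    run iptables -A FORWARD -i "$WAN_IF" -o "$LAN_IF" \
        -m state --state ESTABLISHED,RELATED -j ACCEPT
    for net in "$LOCAL_NET" "$REMOTE_NET"; do
        # Forward outbound traffic from each internal network ...
        run iptables -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -s "$net" -j ACCEPT
        # ... and rewrite its source to the eth0 address on the way out.
        run iptables -t nat -A POSTROUTING -o "$WAN_IF" -s "$net" -j MASQUERADE
    done
}

# Run on Linux 1. The two Cyclades routers must likewise pass non-local
# traffic on toward 192.168.1.11; that is configured on the routers.
linux1_routes() {
    run route add default gw 192.168.0.4
}

case "${1:-}" in
    linux1) linux1_routes ;;
    linux2) linux2_rules ;;
    *) echo "usage: $0 linux1|linux2  (set DRY_RUN=0 to apply)" ;;
esac
```

With the default DRY_RUN=1 the script only prints the commands, so the rule set can be reviewed against the existing `iptables -L -n -v` output before anything is applied.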