[Mailinglist] Internet Connection Sharing
Sunjith P S
sunjithps at gmail.com
Tue Dec 26 19:29:25 IST 2006
Hi,
On Tuesday 26 December 2006 17:55, Binny V Abraham wrote:
> > To enable
> > internet connection sharing, add a MASQUERADE rule
> > in iptables:
> > Run as root: "iptables -t nat -A POSTROUTING -o eth0
> > -j MASQUERADE"
>
> However this command does seem to work - I can run the
> command - but there is no result(is there suppose to
> be a response?)
No. There is no response. You can see the MASQ rule in the NAT table using the
following command if you want to check if the rule was actually added:
============
iptables -t nat -L POSTROUTING
============
> Anyway, I cannot access any sites from XP system. Am I
> supposed to change the proxy of the browser in the XP
> or something?
Try "ping google.com" from windows machine. If you get the ip of the google,
then the DNS setting is alright, you may be having a routing problem on the
linux machine. Otherwise, set the DNS in the windows machine to that given by
your ISP. Alternatively, run a DNS server on the linux machine and set DNS
server as 192.168.0.10 in the windows machine.
To check if you have a routing problem on the linux machine, "ping
64.233.187.99" from windows machine (64.233.187.99 is one of google's IP). If
it doesn't ping, also try telnet to port 80 (just to rule out the chance that
your ISP blocking ICMP echo requests used by ping). If that doesn't work
either, you have a problem on your linux machine. It could be firewall. Try
after running "iptables --flush" (again, gives no output) on the linux
machine as root.
> Another thing - I run apache server(I am a web
> developer) on the linux system - will this be a
> problem? A strange thing is that I cannot access the
> apache server on linux from the XP system. Ie.
> 'http://192.168.0.10/' gives the listing of the
> document root in the linux system - but I cannot get
> it if I try to access 'http://192.168.0.10/' from the
> windows system.
Could be firewall again. Try the same "iptables --flush".
WARNING: "iptables --flush" disables all firewall protection of your linux
machine. Since you are connecting the linux machine to internet and also
running services such as http (and probably others) on it, it is not
recommended to keep firewall flushed. After you make sure it is a firewall
problem, reload firewall rules with "service iptables restart" and either add
specific rules to override existing offending rule(s) to grant access to
windows machine or specifically remove offending rule(s). You may
run "service iptables save" after you have finalized the new rules to make it
persistent across reboots (Do not save rules when firewall has been flushed).
Regards,
Sunjith
More information about the Mailinglist
mailing list