network problem: internet sharing

David A. Bandel david
Mon May 17 11:49:39 PDT 2004 

On Mon, 21 Jul 2003 15:10:59 -0400
Keith Antoine <kantoine at optusnet.com.au> wrote:

> On Sunday 20 July 2003 10:42 pm, David A. Bandel wrote:
> 
> > Ensure the Windoze box has the correct IP and matching subnet mask.
> > Also that it lists your upstairs box as the gateway.  I'd also check
> > the DNS addresses.
> 
> It has 192.168.1.2 as its IP
> 255.255.255.0
> 192.168.1.1 as GW
> 210.49.48.1 as DNS primary, this is all I have
> I did notice it came up as 210.49.48.1.opt

that's OK.

> 
> > Then run:
> > iptables -F
> > iptables -X
> > iptables -t nat -F
> > iptables -t nat -X
> > iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth1 -j SNAT
> > --to-source 210.49.48.75
> > iptables -N tcprules
> > iptables -A tcprules -m state --state RELATED,ESTABLISHED -j ACCEPT
> > iptables -A tcprules -p icmp --icmp-type echo-request -j ACCEPT
> > iptables -A tcprules -m state --state NEW -i ! eth1 -j ACCEPT
> > iptables -A tcprules -m state --state INVALID -j DROP
> > iptables -A FORWARD -j tcprules
> > iptables -A INPUT -j tcprules
> > sysclt net.ipv4.ip_forward=1
> 
> Ran into trouble at last command, says sysclt 'command not found'.

One of those systems that doesn't use sysctl.  Well, the equivalent is:
echo 1 > /proc/sys/net/ipv4/ip_forward

> 
> > and try again.
> >
> > Ciao,
> >
> > David A. Bandel
> 
> I still tried it out but the failure of the last command may have
> stuffed it. However no go. I have not rebooted as yet amd going to do
> so now. If it works will mail you pronto.

no, you said you had ip_forward=1.  I just always run sysctl as part of
my firewall script to make sure.

Well, Keith, for what it's worth, everything on the Linux side looks
good. I'd reboot the XP system downstairs (actually, I'd boot it up with
KNOPPIX) to see if it gets fixed.  Your problem almost certainly lies
with the XP system.  Can't help you much there, XP is way too hosed for
me.  I have to Call Someone Else.

Ciao,

David A. Bandel
-- 
Focus on the dream, not the competition.
		Nemesis Racing Team motto
GPG key autoresponder:  mailto:david_key at pananix.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://mail.linux-sxs.org/pipermail/linux-users/attachments/20030721/083a9066/attachment.pgp

More information about the Linux-users mailing list