FC4 IP Masquerading

Warren Sturm wrsturm at mtroyal.ca
Wed Oct 26 01:56:53 UTC 2005 

On Wed, 2005-10-26 at 11:31 +1000, Tony Crouch wrote:
> Hi All,
> 
> After doing a bit more looking around, I noticed from the error output
> that perhaps there should not be a space between the forward slash and
> the j switch. So I did this, but received a different error ... my
> terminal output is included below.
> 
> [root at localhost tony]# /sbin/iptables -D POSTROUTING -t nat -s
> 192.168.0.0/24 -d ! 192.168.0.0/24 \-j MASQUERADE
> iptables: No chain/target/match by that name
> 

make sure that iptable_nat kernel module is loaded

I used the following command to get nat going and then did an
iptables-save > new_iptables

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

> Any ideas on where to go from here?
> 
> Thanks for your help.
> 
> Cheers, 
> Tony
> 
> 
> ###########
> 
> 
> > Message: 13
> > Date: Wed, 26 Oct 2005 11:22:37 +1000
> > From: Tony Crouch <acrouch2 at une.edu.au>
> > Subject: Re: FC4 IP Masquerading
> > To: fedora-list at redhat.com
> > Message-ID: <1130289757.4050.5.camel at localhost.localdomain>
> > Content-Type: text/plain
> > 
> > Hi Jonathan,
> > Thanks for your reply with regards to my IP masquerading query. I ran
> > the two scripts you initially mentioned in your reply. It seems for
> > some
> > reason (even though the j or jump switches are contained within the
> > iptables manual, it reports an error ... I have included my terminal
> > output below.
> > 
> > [root at localhost tony]# /sbin/iptables -D POSTROUTING -t nat -s
> > 192.168.0.0/24 -d  ! 192.168.0.0/24 \ -j MASQUERADE
> > Bad argument ` -j'
> > Try `iptables -h' or 'iptables --help' for more information.
> > 
> > 
> > [root at localhost tony]# /sbin/iptables -D POSTROUTING -t nat -s
> > 192.168.0.0/24 -d ! 192.168.0.0/24 \ --jump MASQUERADE
> > Bad argument ` --jump'
> > Try `iptables -h' or 'iptables --help' for more information.
> > 
> > 
> > Any ideas as to why this switch is being reported as being invalid?
> > 
> > Thanks for your help.
> > 
> > Cheers, 
> > Tony
> > 
> > ###################
> > 
> > 
> > > 
> > > Message: 18
> > > Date: Tue, 25 Oct 2005 19:17:39 +0100
> > > From: Jonathan Rawle <gmane at jonathanrawle.co.uk>
> > > Subject: Re: FC4 IP Masquerading
> > > To: fedora-list at redhat.com
> > > Message-ID: <djlss3$mtu$1 at sea.gmane.org>
> > > Content-Type: text/plain; charset=us-ascii
> > > 
> > > Tony Crouch wrote:
> > > 
> > > > Hi All,
> > > > I have spent the last few days trying to set up an IP masquerading
> > > > situation on my home LAN (which only consists of my FC4 notebook
> > and
> > > my
> > > > windows XP desktop). I have gone through all the sites and read
> > all
> > > > about IP tables, but alas I still can't get it setup.
> > > > 
> > > > The IPs' of my two machines are:
> > > > Notebook (aka: masquerading box) : 192.168.0.1
> > > > Desktop : 192.168.0.2
> > > > 
> > > 
> > > Try the following three lines as a start:
> > > 
> > > /sbin/iptables -D POSTROUTING -t nat -s 192.168.0.0/24 -d !
> > > 192.168.0.0/24 \
> > > -j MASQUERADE
> > > 
> > > /sbin/iptables -t nat -s 192.168.0.0/24 -d ! 192.168.0.0/24 -A
> > > POSTROUTING \
> > > -j MASQUERADE
> > > 
> > > echo 1 > /proc/sys/net/ipv4/ip_forward
> > > 
> > > 
> > > If it works, to make it permanent, the first two
> > > (without /sbin/iptables)
> > > can be added to /etc/sysconfig/iptables. I'm sure there's a proper
> > way
> > > to
> > > turn on ip_forward, but I just put the third line in rc.local.
> > > 
> > > > My firewall has been turned off within: "Desktop --> System
> > Settings
> > > -->
> > > > Security Level".
> > > > 
> > > 
> > > This is not a good idea, even on dial-up. Turn the firewall on, then
> > > allow
> > > any traffic through eth0 (or whatever your LAN is on) using:
> > > 
> > > /sbin/iptables -I RH-Firewall-1-INPUT 2 -i eth0 -j ACCEPT
> > > 
> > > 
> > > Let us know if it works!
> > > 
> > > 
> > > Jonathan
> > > 
> > > -- 
> > > http://jonathan.rawle.org/
> > > 
> > 
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20051025/217d6edd/attachment-0001.sig>

More information about the fedora-list mailing list