Mikkel L. Ellertson
mikkel at infinity-ltd.com
Wed Jun 6 14:47:05 UTC 2007
>>> >> Thanks. This box is a samba machine. I want to allow local users
>>> and >> remote
>>> >> users to access it. I have 2 NIC on this box. eth0 is on a public
>>> >> IP(220.127.116.11) and eth1 is on the local IP(192.168.1.150). But
>>> how do >> i set
>>> >> the gateway? Can i specify the public gateway for eth0(18.104.22.168)
>>> and >> the
>>> >> gateway for eth1 (192.168.1.1) and as for the gateway in
>>> >> /etc/sysconfig/network i will remove it. Will this work?
> I had tested with the above and 192.168.1.1 is the default route.. I
> have no problem going into the internet via the router on 192.168.1.1. I
> can ping both the public and local IP in LAN, but I am cannot ping the
> public IP from another network.
> [root at samba ~]# netstat -r
> Kernel IP routing table
> Destination Gateway Genmask Flags MSS Window irtt
> 22.214.171.124 * 255.255.255.240 U 0 0 0 eth0
> 192.168.1.0 * 255.255.255.0 U 0 0 0
> 169.254.0.0 * 255.255.0.0 U 0 0 0
> default 192.168.1.1 0.0.0.0 UG 0 0 0
> [root at samba ~]#
> [root at samba ~]# ip route
> 126.96.36.199/28 dev eth0 proto kernel scope link src 188.8.131.52
> 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.150
> 169.254.0.0/16 dev eth1 scope link
> default via 192.168.1.1 dev eth1
> [root at samba ~]#
> The machine does not have a firewall yet, so i guess the public IP is
> not routed out, therefore unreachable.
> How do I route the public IP out?
There are a bunch of problems here. The first is that your default
route should be through eth0 with the gateway your ISP gives you.
(12.73.1.<something>). If you want the machines on the 192.168.1.0
network to be able to access the Internet through this box, you will
also have to set up some NAT iptable rules. Take a look at the
firewall packages and see what on is easy for you to understand -
NAT is normally set up as part of the firewall.
You really need to read one of the networking and firewall HOWTOs so
that you understand what you are doing, or get someone locally to
set this up for you. Without a basic understanding of how networking
works, it is too easy to make mistakes or misunderstand instructions
when using advice from a mailing list.
Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!
More information about the fedora-list