fat client k12linux access

William Fragakis william at fragakis.com
Sat Dec 5 18:36:35 UTC 2009 

This gave me fits for the longest time and I ended up coming in from a
different direction from Peter, although using dnsmasq would have been
easier.

Every I read to use
 iptables -t nat -A POSTROUTING -j MASQUERADE
but nothing but frustration. 

Somewhere, I stumbled upon this version:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE --source
192.168.0.0/24

note the -- source, etc at the end. Obviously, adapt the 192.etc to your
particular network layout.

I edited the appropriate line in the old k12ltsp nat service and that
solved it for me after weeks of banging my head against the wall. All
the same, I'll give Peter's method a shot.

Regards,
William


On Sat, 2009-12-05 at 12:00 -0500,
k12linux-devel-list-request at redhat.com wrote:
> Date: Sat, 05 Dec 2009 09:24:29 -0600
> From: Peter Scheie <peter at scheie.homedns.org>
> Subject: Re: fat client k12linux access
> To: Development discussion of K12Linux
>         <k12linux-devel-list at redhat.com>
> Message-ID: <4B1A7B2D.20803 at scheie.homedns.org>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
> 
> I wrote a short how-to for myself on this a while back:
> 
> 
>      * echo 1 >/proc/sys/net/ipv4/ip_forward
>      * edit /etc/sysctl.conf to make that permanent
>      * iptables -t nat -A POSTROUTING -j MASQUERADE
>      * iptables-save
>      * service dnsmasq start
> 
> The first two turn on forwarding, which is the primary requirement.
> The next two 
> tell iptables to allow port forwarding; if iptables is turned off,
> they are 
> unnecessary. The last one is to provide a DNS service to the fat
> client. 
> Remember that thin client's apps are running on the server so they use
> the DNS 
> server listed in /etc/resolv.conf. On the TC segment, however,
> dhcpd.conf tells 
> clients that the nameserver is the LTSP server, meaning there needs to
> be a 
> nameserver running on the LTSP server. That's what dnsmasq does. HTH
> 
> Peter
> 
> Barry Cisna wrote:
> > Hello All,
> > 
> > F10-K12Linux Live Install
> > 
> > Having trouble with fat clients, AKA laptops being able to get the
> > correct dns information from the k12linux server to gain internet
> > access.
> > 1. I have enabled ipv4_forwarding,in sysctl.conf and in iptables
> have
> > set dnsmasq to -outgoing eth0 ( internal interface).
> > 2. The laptops can ping both k12server nics/ltspbr0 but can not ping
> any
> > public IP number.
> > I know iptables/firewalling is hard to give advice on with the
> miriad of
> > variables involved.
> > Of course the actual TC's have no problem internet browsing. This is
> on
> > both Linux and Winders laptops.
> > Bottom line; K12linux server is not feeding non-TC machines dns
> info.
> > 
> > Thanks,
> > Barry Cisna
> > 
> > 
> > _______________________________________________
> > K12Linux-devel-list mailing list
> > K12Linux-devel-list at redhat.com
> > https://www.redhat.com/mailman/listinfo/k12linux-devel-list
>

More information about the K12Linux-devel-list mailing list