Find the answer to your Linux question:
Results 1 to 5 of 5
I posted this on debian forums, but I'm posting here also in hopes to get a quicker response. I have a feeling this isn't debian related but it's just me ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Feb 2014
    Posts
    2

    IPTABLES forwarding troubles


    I posted this on debian forums, but I'm posting here also in hopes to get a quicker response.
    I have a feeling this isn't debian related but it's just me not configuring something properly.

    What I'm trying to do is forward all packages between interfaces eth0 and wlan0, which I use as an access point with hostapd, so that clients connected on wlan can access the internet.

    I have tried:
    Code:
    #!/bin/bash
    #First, delete all existing rules
    iptables --flush
    iptables --delete-chain
    iptables --table nat --delete-chain
    iptables --table nat -F
    iptables --table nat -X
    #NAT Forwarding for wifi access point
    iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
    iptables -A FORWARD -i eth0 -o wlan0 -j ACCEPT -m state --state RELATED,ESTABLISHED
    iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT
    And still, clients on wlan0 cannot connect to any ip on eth0.
    I have also tried:
    Code:
    iptables --flush
    iptables --table nat --flush
    iptables --delete-chain
    iptables --table nat --delete-chain
    iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
    iptables --append FORWARD --in-interface wlan0 -j ACCEPT
    but to no avail.

    My network configuration:

    debian-TV.lan
    I'm using a debian machine which acts as a dns and dhcp server on my network, and also runs hostapd.
    It has 2 network interfaces:
    eth0 ->
    subnet: 192.168.1.0/24
    ip: 192.168.1.1
    wlan0 ->
    subnet: 10.0.0.0/24
    ip: 10.0.0.1

    dsldevice.lan
    ISP's router which acts as an Internet gateway:
    ip: 192.168.1.254

    DHCP and DNS servers are working as expected.
    I know this because computers connected on 192.168.1.0/24 subnet (ethernet) have no networking issues:
    - ip gets assigned
    - nslookup to dsldevice.lan, debain-TV and others works
    - ping to dsldevice.lan, debian-TV and others works
    - ping to google.com works
    - ping to 10.0.0.1 (wlan0 on debian-TV) works

    But for the clients connecting on the wlan i get this:
    - ip, default gateway and DNS (DHCP stuff) get assigned properly
    - nslookup to dsldevice.lan, debain-TV and others works
    - ping to debian-TV (10.0.0.1) works
    - ping to 192.168.1.1 (eth0 on debian-TV) does NOT work
    - ping to dsldevice or anything on the 192.168.1.0/24 subnet (except debian-TV) does NOT work
    - ping to goole.com does NOT work (obviously)

    Which implies NAT is not working properly.

    IP forwarding IS enbled on debian-TV (I checked with cat /proc/sys/net/ipv4/ip_forwards)
    I'm having dnsmasq do DHCP and DNS.
    It's freshly installed debian too: Linux debian-TV 3.2.0-4-686-pae #1 SMP Debian 3.2.41-2 i686 GNU/Linux

  2. #2
    Just Joined!
    Join Date
    Feb 2014
    Location
    Netherlands
    Posts
    5

    IPTABLES forwarding troubles

    Try this:
    iptables -A FORWARD -i wlan0 -o eth0 -s 192.168.1.0/24 -m conntrack --ctstate NEW -j ACCEPT
    iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE


    Sent from my iPhone using Tapatalk

  3. #3
    Just Joined!
    Join Date
    Feb 2014
    Location
    Netherlands
    Posts
    5

    IPTABLES forwarding troubles

    This should work!

  4. $spacer_open
    $spacer_close
  5. #4
    Just Joined!
    Join Date
    Feb 2014
    Posts
    2
    I fixed it. It was a problem with gateway configuration in dnsmasq for 10.0.0.0/24 subdomain. I configured my router (192.168.1.254) as a gateway, which is invisible from the wlan subdomain. After making 10.0.0.1 the default gateway in DHCP it worked properly. In adition, I configured routing using dhcp option 121 so that clients on the 192.168.1.0/24 subnets use dsldevice.lan as a gateway (otherwise packets from the internet would go to debian-TV first which is inefficient with my network configuration).

  6. #5
    Just Joined!
    Join Date
    Feb 2014
    Posts
    1
    Folks are essentially selling their vintage Louis bags or their notsoused bags that appear like new. It is possible to even acquire with tags things that have never ever fake lv bags been utilised and till possess the unique tags on them with garment bags and all. These bags are gonna be somewhat extra pricey, but most are nonetheless much less than you pay instore..

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •