Find the answer to your Linux question:
Results 1 to 4 of 4
I've installed Firestarter 1.0.3 and set the internet connection sharing but still I can't connect my laptop to internet. The desktop with firestarter running is configured as Code: dev4819 Link ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux Newbie rat007's Avatar
    Join Date
    Jul 2004
    Location
    Brno
    Posts
    230

    Firestarter doesn't allow me to share internet connection


    I've installed Firestarter 1.0.3 and set the internet connection sharing but still I can't connect my laptop to internet. The desktop with firestarter running is configured as
    Code:
    dev4819   Link encap:Ethernet  HWaddr 00:05:5D:28:6D:84
              inet addr:192.168.0.1  Bcast:192.168.0.255  Mask:255.255.255.0
              inet6 addr: fe80::205:5dff:fe28:6d84/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:63 errors:0 dropped:0 overruns:0 frame:0
              TX packets:93 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:5946 (5.8 KiB)  TX bytes:7902 (7.7 KiB)
              Interrupt:5 Base address:0xd400
    
    eth1      Link encap:Ethernet  HWaddr 00:0D:88:38:AF:0C
              inet addr:xx.xx.128.61  Bcast: xx.xx.128.255  Mask:255.255.255.0
              inet6 addr: xx/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:20266 errors:0 dropped:0 overruns:0 frame:0
              TX packets:31284 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:28305543 (26.9 MiB)  TX bytes:2021569 (1.9 MiB)
              Interrupt:5 Base address:0xd000
    Where eth1 is connected to internet and dev is local connection. The laptop is configured as
    Code:
    eth0      Link encap:Ethernet  HWaddr 00:10:D7:0C:2C:D1
              inet addr:192.168.0.2  Bcast:192.168.0.255  Mask:255.255.255.0
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:83 errors:0 dropped:0 overruns:0 frame:0
              TX packets:67 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:7146 (6.9 KiB)  TX bytes:6186 (6.0 KiB)
              Interrupt:11 Base address:0x4000
    Laptop and desktop has same /etc/resolv.conf and I've allowed all incomming connection from laptop to desktop (I can ping and ssh from laptop do desktop). But still when I do on laptop ping www.google.com I got error message ping: uknown hosts www.google.com. Even I can't ping DNSes from /etc/resolv.conf so I think sth is broken in Firestarted settings and I can't say what. I've runned firestarted wizard and selected eth1 as internet device and dev as the one which will share connection... Still no luck

  2. #2
    Linux Newbie
    Join Date
    Feb 2005
    Posts
    129
    Check this out.
    Here's a NAT script:
    Code:
    #!/bin/bash
    IPTABLES='/sbin/iptables'
    
    # Set interface values
    EXTIF='eth0'
    INTIF1='eth1'
    
    # enable ip forwarding in the kernel
    /bin/echo 1 > /proc/sys/net/ipv4/ip_forward
                                                                                   
    # flush rules and delete chains
    $IPTABLES -F
    $IPTABLES -X
                                                                                   
    # enable masquerading to allow LAN internet access
    $IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
                                                                                   
    # forward LAN traffic from $INTIF1 to Internet interface $EXTIF
    $IPTABLES -A FORWARD -i $INTIF1 -o $EXTIF -m state --state NEW,ESTABLISHED -j ACCEPT
    Of course, this assuming eth0 is your external nic and eth1 is lan nic. Change these as needed.
    You can put this script in /etc/firestarter.

  3. #3
    Linux Newbie rat007's Avatar
    Join Date
    Jul 2004
    Location
    Brno
    Posts
    230
    Ok. I've placed this script with changed NICs into user_pre file, which is loaded when firewall starter but it still doesn't work. I've looked at my iptables rules but I don't see what's wrong there. Forwarding seems sane to me ..

    Code:
    # iptables -L
    Chain INPUT (policy DROP)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere
    ACCEPT     icmp --  anywhere             anywhere            limit: avg 10/sec burst 5
    DROP       all  --  anywhere             255.255.255.255
    DROP       all  --  anywhere             10.76.128.255
    DROP       all  --  BASE-ADDRESS.MCAST.NET/8  anywhere
    DROP       all  --  anywhere             BASE-ADDRESS.MCAST.NET/8
    DROP       all  --  255.255.255.255      anywhere
    DROP       all  --  anywhere             0.0.0.0
    DROP       all  --  anywhere             anywhere            state INVALID
    INBOUND    all  --  anywhere             anywhere
    INBOUND    all  --  anywhere             192.168.0.1
    INBOUND    all  --  anywhere             10.76.128.61
    INBOUND    all  --  anywhere             192.168.0.255
    LOG        all  --  anywhere             anywhere            LOG level info prefix `Unknown Input'
    
    Chain FORWARD (policy DROP)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere            state NEW,ESTABLISHED
    ACCEPT     icmp --  anywhere             anywhere            limit: avg 10/sec burst 5
    TCPMSS     tcp  --  anywhere             anywhere            tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
    OUTBOUND   all  --  anywhere             anywhere
    ACCEPT     tcp  --  anywhere             192.168.0.0/24      state RELATED,ESTABLISHED
    ACCEPT     udp  --  anywhere             192.168.0.0/24      state RELATED,ESTABLISHED
    LOG        all  --  anywhere             anywhere            LOG level info prefix `Unknown Forward'
    
    Chain OUTPUT (policy DROP)
    target     prot opt source               destination
    ACCEPT     all  --  anywhere             anywhere
    DROP       all  --  BASE-ADDRESS.MCAST.NET/8  anywhere
    DROP       all  --  anywhere             BASE-ADDRESS.MCAST.NET/8
    DROP       all  --  255.255.255.255      anywhere
    DROP       all  --  anywhere             0.0.0.0
    DROP       all  --  anywhere             anywhere            state INVALID  __This looks strange__
    OUTBOUND   all  --  anywhere             anywhere
    OUTBOUND   all  --  anywhere             anywhere
    LOG        all  --  anywhere             anywhere            LOG level info prefix `Unknown Output'
    
    Chain INBOUND (4 references)
    target     prot opt source               destination
    ACCEPT     tcp  --  anywhere             anywhere            state RELATED,ESTABLISHED
    ACCEPT     udp  --  anywhere             anywhere            state RELATED,ESTABLISHED
    ACCEPT     all  --  192.168.0.2          anywhere
    
    Chain OUTBOUND (3 references)
    target     prot opt source               destination
    ACCEPT     icmp --  anywhere             anywhere
    ACCEPT     tcp  --  anywhere             anywhere            state RELATED,ESTABLISHED
    ACCEPT     udp  --  anywhere             anywhere            state RELATED,ESTABLISHED
    ACCEPT     all  --  anywhere             anywhere

  4. #4
    Linux Newbie rat007's Avatar
    Join Date
    Jul 2004
    Location
    Brno
    Posts
    230

    Issue solved

    Hmm, shouldn't be sth wrong with my laptop? My laptop was working under Windows net sharing but after I've reinstalled it with Debian it acts in same way as connected to Linux .. I can only ping the desktop computer. Both cases - eg. Laptop->Windows->net and Laptop->Fedora Core 3->net were working when I had Fedora Core 2 on laptop ..

    [update]
    My routing table on laptot was screwed up! Shame on me ..

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •