Find the answer to your Linux question:
Results 1 to 4 of 4
I've installed Firestarter 1.0.3 and set the internet connection sharing but still I can't connect my laptop to internet. The desktop with firestarter running is configured as Code: dev4819 Link ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. 02-26-2005 #1
    rat007
    rat007 is offline
    Linux Newbie rat007's Avatar
    Join Date
    Jul 2004
    Location
    Brno
    Posts
    230

    Firestarter doesn't allow me to share internet connection

    I've installed Firestarter 1.0.3 and set the internet connection sharing but still I can't connect my laptop to internet. The desktop with firestarter running is configured as
    Code:
    dev4819   Link encap:Ethernet  HWaddr 00:05:5D:28:6D:84
          inet addr:192.168.0.1  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::205:5dff:fe28:6d84/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:63 errors:0 dropped:0 overruns:0 frame:0
          TX packets:93 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:5946 (5.8 KiB)  TX bytes:7902 (7.7 KiB)
          Interrupt:5 Base address:0xd400

eth1      Link encap:Ethernet  HWaddr 00:0D:88:38:AF:0C
          inet addr:xx.xx.128.61  Bcast: xx.xx.128.255  Mask:255.255.255.0
          inet6 addr: xx/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:20266 errors:0 dropped:0 overruns:0 frame:0
          TX packets:31284 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:28305543 (26.9 MiB)  TX bytes:2021569 (1.9 MiB)
          Interrupt:5 Base address:0xd000
    Where eth1 is connected to internet and dev is local connection. The laptop is configured as
    Code:
    eth0      Link encap:Ethernet  HWaddr 00:10:D7:0C:2C:D1
          inet addr:192.168.0.2  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:83 errors:0 dropped:0 overruns:0 frame:0
          TX packets:67 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:7146 (6.9 KiB)  TX bytes:6186 (6.0 KiB)
          Interrupt:11 Base address:0x4000
    Laptop and desktop has same /etc/resolv.conf and I've allowed all incomming connection from laptop to desktop (I can ping and ssh from laptop do desktop). But still when I do on laptop ping www.google.com I got error message ping: uknown hosts www.google.com. Even I can't ping DNSes from /etc/resolv.conf so I think sth is broken in Firestarted settings and I can't say what. I've runned firestarted wizard and selected eth1 as internet device and dev as the one which will share connection... Still no luck
    Reply With Quote Reply With Quote
  2. 02-26-2005 #2
    debian
    debian is offline
    Linux Newbie
    Join Date
    Feb 2005
    Posts
    129
    Check this out.
    Here's a NAT script:
    Code:
    #!/bin/bash
IPTABLES='/sbin/iptables'

# Set interface values
EXTIF='eth0'
INTIF1='eth1'

# enable ip forwarding in the kernel
/bin/echo 1 > /proc/sys/net/ipv4/ip_forward
                                                                               
# flush rules and delete chains
$IPTABLES -F
$IPTABLES -X
                                                                               
# enable masquerading to allow LAN internet access
$IPTABLES -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE
                                                                               
# forward LAN traffic from $INTIF1 to Internet interface $EXTIF
$IPTABLES -A FORWARD -i $INTIF1 -o $EXTIF -m state --state NEW,ESTABLISHED -j ACCEPT
    Of course, this assuming eth0 is your external nic and eth1 is lan nic. Change these as needed.
    You can put this script in /etc/firestarter.
    Reply With Quote Reply With Quote
  3. 02-26-2005 #3
    rat007
    rat007 is offline
    Linux Newbie rat007's Avatar
    Join Date
    Jul 2004
    Location
    Brno
    Posts
    230
    Ok. I've placed this script with changed NICs into user_pre file, which is loaded when firewall starter but it still doesn't work. I've looked at my iptables rules but I don't see what's wrong there. Forwarding seems sane to me ..

    Code:
    # iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere            limit: avg 10/sec burst 5
DROP       all  --  anywhere             255.255.255.255
DROP       all  --  anywhere             10.76.128.255
DROP       all  --  BASE-ADDRESS.MCAST.NET/8  anywhere
DROP       all  --  anywhere             BASE-ADDRESS.MCAST.NET/8
DROP       all  --  255.255.255.255      anywhere
DROP       all  --  anywhere             0.0.0.0
DROP       all  --  anywhere             anywhere            state INVALID
INBOUND    all  --  anywhere             anywhere
INBOUND    all  --  anywhere             192.168.0.1
INBOUND    all  --  anywhere             10.76.128.61
INBOUND    all  --  anywhere             192.168.0.255
LOG        all  --  anywhere             anywhere            LOG level info prefix `Unknown Input'

Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state NEW,ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere            limit: avg 10/sec burst 5
TCPMSS     tcp  --  anywhere             anywhere            tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
OUTBOUND   all  --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             192.168.0.0/24      state RELATED,ESTABLISHED
ACCEPT     udp  --  anywhere             192.168.0.0/24      state RELATED,ESTABLISHED
LOG        all  --  anywhere             anywhere            LOG level info prefix `Unknown Forward'

Chain OUTPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
DROP       all  --  BASE-ADDRESS.MCAST.NET/8  anywhere
DROP       all  --  anywhere             BASE-ADDRESS.MCAST.NET/8
DROP       all  --  255.255.255.255      anywhere
DROP       all  --  anywhere             0.0.0.0
DROP       all  --  anywhere             anywhere            state INVALID  __This looks strange__
OUTBOUND   all  --  anywhere             anywhere
OUTBOUND   all  --  anywhere             anywhere
LOG        all  --  anywhere             anywhere            LOG level info prefix `Unknown Output'

Chain INBOUND (4 references)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     udp  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     all  --  192.168.0.2          anywhere

Chain OUTBOUND (3 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     udp  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
    Reply With Quote Reply With Quote
  4. 02-26-2005 #4
    rat007
    rat007 is offline
    Linux Newbie rat007's Avatar
    Join Date
    Jul 2004
    Location
    Brno
    Posts
    230

    Issue solved

    Hmm, shouldn't be sth wrong with my laptop? My laptop was working under Windows net sharing but after I've reinstalled it with Debian it acts in same way as connected to Linux .. I can only ping the desktop computer. Both cases - eg. Laptop->Windows->net and Laptop->Fedora Core 3->net were working when I had Fedora Core 2 on laptop ..

    [update]
    My routing table on laptot was screwed up! Shame on me ..
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules