VeeDubb Posted January 18, 2004 Report Share Posted January 18, 2004 Okay, usingmy mandrake box a an internet gateway. Here's the results of ifconfig eth0 Link encap:Ethernet HWaddr 00:20:78:14:F1:19 inet addr:24.0.0.1 Bcast:24.0.0.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:739 errors:0 dropped:0 overruns:0 frame:0 TX packets:335 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:378368 (369.5 Kb) TX bytes:48930 (47.7 Kb) Interrupt:11 Base address:0xd000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:175 errors:0 dropped:0 overruns:0 frame:0 TX packets:175 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:11529 (11.2 Kb) TX bytes:11529 (11.2 Kb) ppp0 Link encap:Point-to-Point Protocol inet addr:67.227.219.158 P-t-P:67.227.128.69 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1524 Metric:1 RX packets:147 errors:0 dropped:0 overruns:0 frame:0 TX packets:129 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:3 RX bytes:175004 (170.9 Kb) TX bytes:9504 (9.2 Kb) usb0 Link encap:Ethernet HWaddr FE:65:4E:EF:E2:75 inet addr:192.168.129.1 Bcast:192.168.129.255 Mask:255.255.255.255 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:26 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 b) TX bytes:3528 (3.4 Kb) my internet is on ppp0, and I'm tryng to let usb0 conect through me. I have a script set up to make the connection as follows #!/bin/bash ifconfig usb0 192.168.129.1 netmask 255.255.255.255 up route add -host 192.168.129.201 usb0 iptables -t nat -F iptables -t nat -A POSTROUTING -j SNAT -o ppp0 echo 1 > /proc/sys/net/ipv4/ip_forward When I run this script, I get the following error [root@penpen stephen]# sh Zconnect.sh SIOCADDRT: File exists iptables v1.2.8: You must specify --to-source Try `iptables -h' or 'iptables --help' for more information. I have looked at iptables -h and it apears that I am supposed to add --to 'some ip-address' Problem is that ppp0 is a dynamic IP connection, so the IP changes at every connect. Any help greatly appreciated. Quote Link to comment Share on other sites More sharing options...
VeeDubb Posted January 18, 2004 Author Report Share Posted January 18, 2004 I almost forgot one iportant bit of info. Here is an excertp from mnap iptables that explains snat, but it is 100% over my head, maybe one of you can decipher and tell me how to change my connect script. Thanks. SNAT This target is only valid in the nat table, in the POSTROUTING chain. It specifies that the source address of the packet should be modified (and all future packets in this connection will also be mangled), and rules should cease being examined. It takes one type of option: --to-source ipaddr[-ipaddr][:port-port] which can specify a single new source IP address, an inclusive range of IP addresses, and optionally, a port range (which is only valid if the rule also specifies -p tcp or -p udp). If no port range is specified, then source ports below 512 will be mapped to other ports below 512: those between 512 and 1023 inclusive will be mapped to ports below 1024, and other ports will be mapped to 1024 or above. Where possible, no port alter- ation will occur. You can add several --to-source options. If you specify more than one source address, either via an address range or multiple --to-source options, a simple round-robin (one after another in cycle) takes place between these adresses. It's also possible that snat is the wrong protocal for a dynamic ip connection. I got my script from a "How-to" and did my best to fix it for me. Also, I do not want any for of security at all between the internet and usb0. I want every available port open and don't care what some idiot hacker can see. usb0 is just my pda. Quote Link to comment Share on other sites More sharing options...
VeeDubb Posted January 20, 2004 Author Report Share Posted January 20, 2004 Bump? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.