glore Posted June 13, 2004 Author Report Share Posted June 13, 2004 Thanks Chris for your time and help!!! I followed all the steps you said: STEP #1: In /etc/sysconfig/network-scripts/ifcfg-eth0 there was not IPADDR line so I added one with IPADDR=192.168.1.104 and saved it. STEP #2: In /etc/sysconfig/network-scripts/ifcfg-eth1 I changed IPADDR, NETWORK and BROADCAST as you said. STEP #3: IFCONFIG (What I see is that eth0 is 192.168.1.102 ?), Well, I think the router assigns IP randomly. eth0 Link encap:Ethernet HWaddr 00:E0:7D:F1:9A:37 inet addr:192.168.1.102 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::2e0:7dff:fef1:9a37/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:319 errors:0 dropped:0 overruns:0 frame:0 TX packets:2679 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:107183 (104.6 Kb) TX bytes:182987 (178.6 Kb) Interrupt:10 Base address:0x6000 eth1 Link encap:Ethernet HWaddr 00:E0:7D:73:59:19 inet addr:192.168.2.1 Bcast:192.168.2.255 Mask:255.255.255.0 inet6 addr: fe80::2e0:7dff:fe73:5919/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:103 errors:0 dropped:0 overruns:0 frame:0 TX packets:44 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:10906 (10.6 Kb) TX bytes:9999 (9.7 Kb) Interrupt:11 Base address:0x3000 STEP #4: When I ping from Mandrake, I get the expected results and I can also ping to 192.168.2.1 from Windows. But I can't ping to 192.168.1.104 (or 102) from Windows. It says something like Host is not accessible. Finally, I can't access the web from Windows. Well, here I am now. Any further instructions will be very welcome ! Thanks again my friend. Quote Link to comment Share on other sites More sharing options...
streeter Posted June 14, 2004 Report Share Posted June 14, 2004 OK - your network interfaces are all working (eth0 is being assigned automatically using dhcp by the router - thats OK) - we now need to allow packet forwarding on the Linux box. DO NOT run the mandrake internet connection sharing wizard - it may break things. First, install iptables - type "urpmi iptables" . It may already be installed, if so then that's OK. Then post the output of "iptables -nvL" and "iptables -nvL -t nat" here. Chris Quote Link to comment Share on other sites More sharing options...
glore Posted June 14, 2004 Author Report Share Posted June 14, 2004 Thanks again Chris. Right now I am not at home (I am working) but tonight when I get home I will follow your instructions and post results. The only thing I could try before comming to work was: iptables -nvL -t nat As root but the result was: (...not found, do you need to insmod?). Is that ok? Well, keep in touch. Ger. Quote Link to comment Share on other sites More sharing options...
streeter Posted June 14, 2004 Report Share Posted June 14, 2004 (edited) That just means iptables is not installed. Edit>> Wait! no it doesn't - it means iptables IS installed, but the nat table module is not loaded. Chris Edited June 14, 2004 by streeter Quote Link to comment Share on other sites More sharing options...
glore Posted June 14, 2004 Author Report Share Posted June 14, 2004 (edited) Yes Chris, IPTABLES is installed because when I type iptables -nvL it works and when I write urpmi iptables it says "everything already installed" but, as you mentioned, something that has to be with nat is not. So, what should I do now? I am really impressed with all your networking knowledge and effort to help me. Note: Do I really need to add IPADDR 192.168.1.104 in etc/sysconfig/network-scripts/ifcfg-eth0 or it isn't necessary taking into consideration that eth0 is being assign using dhcp? For instance, this morning, it was 192.168.1.101. In the machine running Mandrake, I use Lilo to boot in any of both: WinXp or Mandrake. In XP, the network works enabling uPnP in windows and when I install the network through XP wizard, it installs 192.168.0.1 as the gateway on the second machine. This way, it works. The problem I want to solve is that when booting into Mandrake, if I can't share Internet, my son can't navigate while I use Linux. If I use Mandrake Wizard, both computers can navigate but (as you already know) I can't access the router setup page or send files through messengers. Someone could say "Don't worry, don't send files or don't access the router's setup page" but, for me, this became a challenge (I know you understand :-) and I want to get everything working. The only thing that comes to mind is thank you! By the way, where are you from (I am from Buenos Aires, Argentina) German. Edited June 14, 2004 by glore Quote Link to comment Share on other sites More sharing options...
streeter Posted June 14, 2004 Report Share Posted June 14, 2004 (edited) Don't know enough to say "this is your probem"... I come from the Isle of Wight - a small island just off the South coast of the UK. Love the Internet - don't you? Makes the world a little smaller :) If you send me $$$loads I will fly over to set your PC up :D Ok - back to business... You are right - you don't need to enter an Ip address, if it is getting one (probably from the router, but mdk internet connection sharing installs a dhcp server also) via dhcp. I think perhaps the easiest thing to do though would be start from scratch manually (what have you to lose?): Get the network config from Windows - especially the nameserver and default gateway. Type drakxservices in a console as root. Click Stop and uncheck "On boot" dhcpd, squid and named if they are there and running. This will turn off 3 unnecessary and possibly broken servers. Then edit /etc/sysconfig/network-scripts/ifcfg-eth0 - the entries should read : DEVICE=eth0 BOOTPROTO=static IPADDR=192.168.1.104 # or 102, or whatever you like NETMASK=255.255.255.0 NETWORK=192.168.1.0 BROADCAST=192.168.1.255 ONBOOT=yes MII_NOT_SUPPORTED=yes Then edit /etc/sysconfig/network-scripts/ifcfg-eth1 - the entries should read : DEVICE=eth1 BOOTPROTO=static IPADDR=192.168.0.1 NETMASK=255.255.255.0 NETWORK=192.168.0.0 BROADCAST=192.168.0.255 ONBOOT=yes MII_NOT_SUPPORTED=yes You may also have to set windows up to a static address (192.168.0.2) with 192.168.0.1 as the gateway, and possibly your ISPs nameserver(s) in the DNS set up. /etc/resolv.conf should have valid nameserver addresses - put the address of your ISPs nameserver (got it from windows?) at the top. eg nameserver 195.20.224.165 The default gateway goes in /etc/sysconfig/network: HOSTNAME=yourhostname_goes_here NETWORKING=yes GATEWAY=192.168.1.1 Then type ifup eth0 followed by ifup eth1. We then need to set up packet forwarding: echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -F iptables -t nat -A POSTROUTING -o eth0 -s 192.168.0.0/24 -d 0/0 -j MASQUERADE The nat module should get loaded automatically. Then try it all out. If it works, you can put the iptables commands at the end of /etc/rc.d/rc.local. Check to make sure it all works across a reboot. Think that coves it all - apologies if I left something out... Let us know how you get on, including the output of "route -n" , "iptables -nvL" and "iptables -nvL -t nat" Then we can fix anything else not working... Chris Edited June 14, 2004 by streeter Quote Link to comment Share on other sites More sharing options...
glore Posted June 14, 2004 Author Report Share Posted June 14, 2004 Here I am again (still at work). When I get home I will try all these things. 1) My ISP assignsa dynamic IP address but (as a deduction) I can set a Static IP address for my computers. Is this ok? 2) Where do I get (in Windows) the ISP nameserver? Should I have one of those? Well, I will continue when I get home. Take care, German Quote Link to comment Share on other sites More sharing options...
streeter Posted June 14, 2004 Report Share Posted June 14, 2004 1) Yes - a static Ip address will work fine 2) If you were using the linux dhcp server, you may not have a DNS server address set, in which case, you need to check your ISPs website. If you have no luck, tell us what ISP you use, and we can look it up for you. The address I gave in the example should work (my ISP, located in Britain so not perfect) if you cannot find your own. If there is a DNS address set in windows XP, you will find it in the network properties - Right click on 'my network places', select properties, right click on your local area connection, choose properties. Select 'internet protocol' and properties. Here you will see if you have DNS server addresses set, or 'obtain DNS server address automatically'. It is similar in win 9x. The computer uses a nameserver to resolve (hence the file /etc/resolv.conf where we store this address) human readable addresses (eg www.google.com) into IP addresses. So each time you request, for example, a web page the computer first asks a nameserver for the IP address. You can run your own, but I am trying to keep things as simple as possible for now. You can add a nameserver and proxy server later if you like, when (if!) it all works. Chris Quote Link to comment Share on other sites More sharing options...
glore Posted June 14, 2004 Author Report Share Posted June 14, 2004 (edited) By now and before going back home I can send my ISP's web site: www.fibertel.com.ar So, my hostname is.............??? Yes, it would be much easier with you here fixing things up! But, at least, I will try to advance with your instructions. Well, I will start when I get home. Take care, German. Edited June 14, 2004 by glore Quote Link to comment Share on other sites More sharing options...
streeter Posted June 14, 2004 Report Share Posted June 14, 2004 ¿Qué es un DNS? Para empezar a utilizar un DOMINIO, es necesario que exista un servidor reconocido por la Red que guarde la relación entre el número IP y nuestro dominio, a estos servidores se los llama "DNS" Servidor de Nombres de Dominio (Domain Name Server). Esta relación entre dominio y DNS se hace efectiva en el momento de la "registración" del dominio en las páginas habilitadas. Por ejemplo los DNS de FiberTel son: dns1.cvtci.com.ar IP Nº: 24.232.0.17 dns2.cvtci.com.ar IP Nº: 24.232.0.18 Hey, I'm learning new languages here!! I think this means you put nameserver 24.232.0.17 nameserver 24.232.0.18 in /etc/resolv.conf and the dns entries in windows networking. Your hostname can be anything you like - linux.mylan.home for instance Chris Quote Link to comment Share on other sites More sharing options...
glore Posted June 14, 2004 Author Report Share Posted June 14, 2004 Chris, YOU ARE A GENIUS !!!!!!!!!!! I made all the changes you said and both computers can navigate simultaneously. In order to get this working, I added the IPTABLES commands in /etc/rc.d/rc.local as you said. Where should I go to access the other computer hard disk? (I mean, is there something like "my network" in Mandrake?) Regarding to DNS (you are learning Spanish!!!!), there were some numbers already in /etc/resolv.conf but I added the ones you sent me before them in the list. The only thing I wasn't sure is about the HOSTNAME and then I wrote DOMAIN that the machine running windows 98 has (INICIOMS in my case) Which -I think- is the workgroup name. Is that ok or should I write something different? When I tested the sending of files through Kopete, this happened: When the file was small, it worked ok but with a big file (400Mbytes) it started to send and when it reaches 9 or 10% it starts again. I've tested this only once so I can assure what I say but I tell you in case you already know what is going on. I can access the router while computer #2 is browsing the net ! Is there anything else I should add or change to improve things? What do you recommend me to read in order to understand all this networking things? Finally, let me tell you something about myself: I am a 40 year computing teacher (primary and High School) who really appreciates what you've done for me! :D Thank you very much Chris! Here I send the requested outputs: =========================================================================== The output of [b]route -n[/b] is: Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0 =========================================================================== The output of [b]iptables -nvL[/b] (this one is very long): Chain INPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 1741 104K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 0 0 DROP !icmp -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID 69221 2946K eth0_in all -- eth0 * 0.0.0.0/0 0.0.0.0/0 53 5248 eth1_in all -- eth1 * 0.0.0.0/0 0.0.0.0/0 0 0 common all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:INPUT:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 DROP !icmp -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID 1099 1234K eth0_fwd all -- eth0 * 0.0.0.0/0 0.0.0.0/0 833 63948 eth1_fwd all -- eth1 * 0.0.0.0/0 0.0.0.0/0 0 0 common all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:FORWARD:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 1741 104K ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0 0 0 DROP !icmp -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID 138K 146M fw2net all -- * eth0 0.0.0.0/0 0.0.0.0/0 807 26483 all2all all -- * eth1 0.0.0.0/0 0.0.0.0/0 0 0 common all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:OUTPUT:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain all2all (2 references) pkts bytes target prot opt in out source destination 20 1897 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 newnotsyn tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp flags:!0x16/0x02 831 29466 common all -- * * 0.0.0.0/0 0.0.0.0/0 784 22745 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:all2all:REJECT:' 784 22745 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain common (5 references) pkts bytes target prot opt in out source destination 774 21672 icmpdef icmp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:135 183 24625 reject udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:137:139 0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:445 0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:139 0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445 0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:135 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1900 2 908 DROP all -- * * 0.0.0.0/0 255.255.255. 255 0 0 DROP all -- * * 0.0.0.0/0 224.0.0.0/4 0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:53 state NEW Chain dynamic (4 references) pkts bytes target prot opt in out source destination Chain eth0_fwd (1 references) pkts bytes target prot opt in out source destination 0 0 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW 1099 1234K net2all all -- * eth1 0.0.0.0/0 0.0.0.0/0 Chain eth0_in (1 references) pkts bytes target prot opt in out source destination 155 19618 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW 69221 2946K net2fw all -- * * 0.0.0.0/0 0.0.0.0/0 Chain eth1_fwd (1 references) pkts bytes target prot opt in out source destination 58 3085 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW 833 63948 loc2net all -- * eth0 0.0.0.0/0 0.0.0.0/0 Chain eth1_in (1 references) pkts bytes target prot opt in out source destination 53 5248 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW 53 5248 loc2fw all -- * * 0.0.0.0/0 0.0.0.0/0 Chain fw2net (1 references) pkts bytes target prot opt in out source destination 137K 146M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 newnotsyn tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp flags:!0x16/0x02 15 900 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80 907 39998 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain icmpdef (1 references) pkts bytes target prot opt in out source destination Chain loc2fw (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 8 320 newnotsyn tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp flags:!0x16/0x02 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpts:6891:6900 1 48 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:3128 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:3128 44 4880 all2all all -- * * 0.0.0.0/0 0.0.0.0/0 Chain loc2net (1 references) pkts bytes target prot opt in out source destination 775 60863 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 4 160 newnotsyn tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp flags:!0x16/0x02 54 2925 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain net2all (2 references) pkts bytes target prot opt in out source destination 1099 1234K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 newnotsyn tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp flags:!0x16/0x02 154 19518 common all -- * * 0.0.0.0/0 0.0.0.0/0 16 706 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:net2all:DROP:' 16 706 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain net2fw (1 references) pkts bytes target prot opt in out source destination 69063 2927K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 1 40 newnotsyn tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp flags:!0x16/0x02 3 144 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpts:6891:6900 154 19518 net2all all -- * * 0.0.0.0/0 0.0.0.0/0 Chain newnotsyn (6 references) pkts bytes target prot opt in out source destination 13 520 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:newnotsyn:DROP:' 13 520 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain reject (11 references) pkts bytes target prot opt in out source destination 0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset 202 25950 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable 765 21420 REJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-unreachable 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain shorewall (0 references) pkts bytes target prot opt in out source destination ============================================================================ The output of [b]iptables -nvL -t nat[/b] Chain PREROUTING (policy ACCEPT 235 packets, 23152 bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 1197 packets, 49259 bytes) pkts bytes target prot opt in out source destination 61 3123 MASQUERADE all -- * eth0 192.168.0.0/24 0.0.0.0/0 Chain OUTPUT (policy ACCEPT 2245 packets, 81793 bytes) pkts bytes target prot opt in out source destination Chain eth0_masq (0 references) pkts bytes target prot opt in out source destination Chain loc_dnat (0 references) pkts bytes target prot opt in out source destination ============================================================================ Please, let me know if I need to change something else. Take care my friend. [outputs formatted by spinynorman] Quote Link to comment Share on other sites More sharing options...
streeter Posted June 15, 2004 Report Share Posted June 15, 2004 Whoopeee!! What we have done is set up basic IP networking - windows networking is another layer on top of this, and uses the smb protocol. For this, under Linux, we need the samba package (install with "urpmi samba"). I also recommend the smb4k package, a sort of network neighbourhood for Linux. If you have any questions about samba set up (try the wizard first, I think it is more reliable than the networking one!), start another thread here. I too am 40, and share my time between selling shower curtains on-line (boring) and fixing PCs on the Isle of Wight (much more interesting). Oh and spending far too much time looking at forums.... :) Chris Quote Link to comment Share on other sites More sharing options...
streeter Posted June 15, 2004 Report Share Posted June 15, 2004 Oh, the book you need is called rute - it is on your install disk. Type "urpmi rute" this is a general Linux book. You can also type "<whatever you need to know> howto" in google eg iptables howto or "man <command> on the command line. Chris Quote Link to comment Share on other sites More sharing options...
glore Posted June 15, 2004 Author Report Share Posted June 15, 2004 (edited) Thanks for your answer, the recommended book and everything!!! I think I have both installed Samba and Smb4k. The only thing I saw -at home- (now working at school) is that when starting Samba I access to a web page but from there on I don't know how to continue. When I get home, I will try it again and step by step. If I don't know what to do, I think I will start (as you recommended) a new topic to learn about this. I would like also to configure My XP windows with a Static IP so if I boot into WinXP, my son can also access the web. About the hostname: Was it ok to name it the same as in the windows workgroup name? Are they the same or can I call them different? Well Chris, have a nice day and I really appreciate your help. :D Edited June 15, 2004 by glore Quote Link to comment Share on other sites More sharing options...
Gowator Posted June 15, 2004 Report Share Posted June 15, 2004 great!!! I think if you use the wizard it adds something to the conf file that webmin cant handle later. If your happy with the very basic wizard setup thats OK but otherwise you can configure samba from webmin or swat. the hostname and workgroup name are completely different and you can call them the same or not if you wish except it might get confusing for you if you do call them the same.... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.