Havin_it Posted August 27, 2004 Report Share Posted August 27, 2004 Hello, please believe I haven't posted on this overplayed issue lightly. I have been wrestling with it for days, and have tried both the 'ICS host setup' guidelines from the sticky, and flightcrank's recent post too. My setup is similar to flightcrank's, except that my ICS client is not a separate computer but an emulator running Mac OS X in a window on Mandy. It has a fully-functional emulated Realtek RTL8139 NIC, which connects to a tap/tun interface called 'ppc' on the host. I'm not telling you this so you can tell me none of the howtos are valid, because they are - the only difference is that the ppc interface is not started at boot. Also have iptables on but shorewall OFF, because I think my router's firewall will suffice. So, I followed the off-site howto (referenced in the sticky) to the letter, substituting wlan0 (the router/internet connection) for eth0 and ppc for eth1. BTW, IPs are 192.168.1.1 (router), 192.168.1.2 (wlan0), 192.168.0.1 (ppc), 192.168.0.2 (Mac) After the reboot and bringing up ppc, I found I could ping ppc but not the Mac which was 'Destination Host unreachable'. At this point the ifconfig info was as follows: ppc Link encap:Ethernet HWaddr 00:FF:ED:36:A7:37 inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0 inet6 addr: fe80::2ff:edff:fe36:a737/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:9 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:546 (546.0 B) wlan0 Link encap:Ethernet HWaddr 00:30:BD:FC:0B:06 inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::230:bdff:fefc:b06/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:426 errors:0 dropped:0 overruns:0 frame:0 TX packets:596 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:94567 (92.3 Kb) TX bytes:96114 (93.8 Kb) Interrupt:16 Memory:20800000-20801fff and route -n Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 ppc 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 wlan0 and iptables [root@PENGI robin]# iptables -nvL -t nat Chain PREROUTING (policy ACCEPT 113 packets, 15645 bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 332 packets, 23668 bytes) pkts bytes target prot opt in out source destination 0 0 MASQUERADE all -- * * 192.168.0.2 0.0.0.0/0 Chain OUTPUT (policy ACCEPT 332 packets, 23668 bytes) pkts bytes target prot opt in out source destination [root@PENGI robin]# iptables -nvL Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Then I tried flightcrank's approach. Now I can ping the Mac as well, and the Mac can ping as far as wlan0 but no further (not to the router or any internet address/IP). At this point the ifconfig is the same, and the rest: [root@PENGI robin]# iptables -nvL -t nat Chain PREROUTING (policy ACCEPT 98 packets, 24321 bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 99 packets, 8003 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 83 packets, 6948 bytes) pkts bytes target prot opt in out source destination [root@PENGI robin]# iptables -nvL Chain INPUT (policy ACCEPT 270 packets, 116K bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- wlan0 ppc 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 61 4043 ACCEPT all -- ppc wlan0 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT 340 packets, 73430 bytes) pkts bytes target prot opt in out source destination All else i can tell you is that this same config worked easily in Win, and also in a previous Linux setup where the internet connection was ppp0 (the dreaded Speedtouch). I guess the problem must be in iptables, but I'm pretty much at a loss about that whole issue (I never used Shorewall with the Speedtouch in the past either). <deep breath> So, any ideas? Quote Link to comment Share on other sites More sharing options...
Havin_it Posted August 27, 2004 Author Report Share Posted August 27, 2004 PS I don't remember the smileys in ifconfig, for that bit read B) Quote Link to comment Share on other sites More sharing options...
spinynorman Posted August 27, 2004 Report Share Posted August 27, 2004 PS I don't remember the smileys in ifconfig, for that bit read B ) If you format it as code, it doesn't translate to emoticons - I've done it for you. :) Quote Link to comment Share on other sites More sharing options...
Havin_it Posted August 30, 2004 Author Report Share Posted August 30, 2004 Thanks Mr spiny - I iz a foole. I iz also still at a dead-end with this problem. Usually solve things myself by now but no such luck (GRRRR!) Quote Link to comment Share on other sites More sharing options...
flightcrank Posted August 31, 2004 Report Share Posted August 31, 2004 unfortunately i my self have only been using mandrake for the past 2 weeks and it is my first experience using a operating system other than Windows. so i can offer little help other than posting what has worked for me. these formus are unfortunately a little slow so hopefully this will bump your thread up and a linux guru may offer better help. I'm confident it cane be done !! so, hang in there. you seem to have a innovative setup so once your get it working which I'm sure u will be sure to post how it was done so others can benefit. (because i want to try it ! ) good luck ! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.