[plug] Network no talkee to intrawebs

Lance Duivenbode plug at duivenbode.id.au
Mon Apr 7 23:14:31 WST 2008 

Skribe,

Perhaps I'm wrong, but I think what you might be missing is an iptables 
masquerading rule. Take my setup for example:

    * 2 interfaces
       -> eth0 - serves DHCP to LAN clients [192.168.30.xxx network - 
address is 192.168.30.1]
       -> ath0 - wireless link to my ADSL router [192.168.20.xxx network 
- address is 192.168.20.30]

    * DHCP serves the address of eth0 as the LAN gateway
    * Server's default route is to 192.168.20.9 (the ADSL router)

    * Routing table has the following:

        Destination     Gateway         Genmask         Flags Metric 
Ref    Use Iface
        192.168.20.0    0.0.0.0         255.255.255.0   U     0      
0        0 ath0
        192.168.30.0    0.0.0.0         255.255.255.0   U     0      
0        0 eth0
        0.0.0.0         192.168.20.9    0.0.0.0         UG    0      
0        0 ath0

    * 'iptables -L' shows the following (just the default):

        Chain INPUT (policy ACCEPT)
        target     prot opt source               destination

        Chain FORWARD (policy ACCEPT)
        target     prot opt source               destination

        Chain OUTPUT (policy ACCEPT)
        target     prot opt source               destination

    * 'iptables -L -t nat' shows the following:

        Chain PREROUTING (policy ACCEPT)
        target     prot opt source               destination

        Chain POSTROUTING (policy ACCEPT)
        target     prot opt source               destination
        MASQUERADE  0    --  anywhere             anywhere

        Chain OUTPUT (policy ACCEPT)
        target     prot opt source               destination

    * /proc/sys/net/ipv4/ip_forward is set to 1

You can add the important MASQUERADE rule under the POSTROUTING section 
of the 'nat' table by using a command similar to below:

    iptables -t nat -A POSTROUTING -o <OUT_INTERFACE> -j MASQUERADE

Where <OUT_INTERFACE> is the outgoing interface (in your case ppp0, in 
my case ath0). The command I use is:

    iptables -t nat -A POSTROUTING -o ath0 -j MASQUERADE

Of course, Ian also has a point that you don't have an address for eth0 
so that will also cause issues if it really is your internet connection. 
However, if that's the case - why do you have ppp0 and your machine's 
default route set to use it?

Cheers,
Lance



skribe productions wrote:
> Since I seem to have stumped everyone here's some more data:
> route -n
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    
> Use Iface
> 202.x.x.x  0.0.0.0 <http://0.0.0.0>         255.255.255.255 
> <http://255.255.255.255> UH    0      0        0 ppp0
> 192.168.2.0 <http://192.168.2.0>     0.0.0.0 <http://0.0.0.0>         
> 255.255.255.0 <http://255.255.255.0>   U     0      0        0 eth1
> 0.0.0.0 <http://0.0.0.0>         0.0.0.0 <http://0.0.0.0>         
> 0.0.0.0 <http://0.0.0.0>         U     0      0        0 ppp0
>
> ifconfig
> eth0      Link encap:Ethernet  HWaddr xx:xx:xx:xx:xx:xx
>           inet6 addr: xxxxxx Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:41199 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:35186 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:20975828 (20.0 MiB)  TX bytes:5672292 (5.4 MiB)
>           Interrupt:217 Base address:0xc800
>
> eth1      Link encap:Ethernet  HWaddr xxxxxxxxx
>           inet addr:192.168.2.1 <http://192.168.2.1>  
> Bcast:192.168.2.255 <http://192.168.2.255>  Mask:255.255.255.0 
> <http://255.255.255.0>
>           inet6 addr: xxxxxxx Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:15008 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:5349 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:1218499 (1.1 MiB)  TX bytes:859430 (839.2 KiB)
>           Interrupt:177 Base address:0xc400
>
> lo        Link encap:Local Loopback
>           inet addr:127.0.0.1 <http://127.0.0.1>  Mask:255.0.0.0 
> <http://255.0.0.0>
>           inet6 addr: ::1/128 Scope:Host
>           UP LOOPBACK RUNNING  MTU:16436  Metric:1
>           RX packets:50487 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:50487 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:8670264 (8.2 MiB)  TX bytes:8670264 (8.2 MiB)
>
> ppp0      Link encap:Point-to-Point Protocol
>           inet addr: xxxxxxx P-t-P:xxxxxx  Mask:255.255.255.255 
> <http://255.255.255.255>
>           UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492  Metric:1
>           RX packets:304 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:176 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:3
>           RX bytes:56006 (54.6 KiB)  TX bytes:31313 (30.5 KiB)
>
>
> Hope ths helps,
>
> skribe
> ------------------------------------------------------------------------
>
> _______________________________________________
> PLUG discussion list: plug at plug.org.au
> http://www.plug.org.au/mailman/listinfo/plug
> Committee e-mail: committee at plug.linux.org.au
>

More information about the plug mailing list