[oclug]networking: sending from inside network to isp
Raj
thukral at pobox.com
Mon Oct 21 23:36:36 EDT 2002
On Mon, 21 Oct 2002, Brenda J. Butler wrote:
> On Mon, Oct 21, 2002 at 10:29:45PM -0400, Brenda J. Butler wrote:
> Well, this is exciting! Now I can ping from taz to the outside
> ip's, and the send lights up on the modem. But the receive
> doesn't. Yet!
>
>
If you've only echoed a '1' to ip_forward, then your packets are being
forwarded to the modem from taz. However, since you haven't actually
setup NAT yet, they have the same IP as taz, which is unroutable over the
internet. (192.168.x.x I assume). Thats why you don't get a receive
NAT on seal will take packets coming in from taz, mangle them to make them
look like they're originating from seal itself so they're routable, grab
the incoming response packets and pass them on to taz. Thats why you need
the iptables / ipchains rules as well that do the mangling. And, of
course, unless ip_forward is set to 1, the nat rules won't work, as I
found out the hard way ;)
cheers!
--R.
More information about the OCLUG
mailing list