local routing

[R Scott Belford]

No, Scott, it is not as easy as a simple command line.  This could route 
traffic to your lan, but it would be irresponsible to do so without some 
kind of a firewall.  What you need is iptables.  This offers NAT and 
many other features above what ipchains does.  The thing is, if you 
install ipchains and iptables on your redhat 7.x system, you will have 
trouble insmodding the iptables.  To get around this in your gui world, 
run setup as root and configure the firewall, (can be accessed by 
running lokkit also) and set the firewall to none.  A future reboot with 
an iptables enabling script will not have the same trouble you had when 
the kernel was loading  ipchains.  Using monmotha's firewall/routing 
script will teach you some good things and make your life much easier 
and safer than any gui can.  In the future RTFM a whole lot more.  The 
linuxdoc project has a great article about ip-masquerading as well as 
some firewalling  scripts.

Well, it took me a whole lot of time of fiddling around to get to this 
point, but sense I asked such a broad and potentially loaded question I 
figured I should reply to myself.  I see why I have been told to use 
iptables for quite a long time now.  I see why there have been the posts 
praising monmotha's script.  Very smooth.  I downloaded ximian's 
control-center in search of its routing  gui only to find it missing.  I 
was just about to turn port forwarding/firewalling duties over to my 
Airport (running some flavor of bsd) when I finally cracked this nut.  
If any of you run into this same issue, I might be able to help.

scott



On Monday, January 14, 2002, at 05:29  PM, R. Scott Belford wrote:

> I am trying to route my wan to my lan within redhat 7.x  In the past I 
> have
> used Ximian's internet sharing gui.  However, I am now more man than 
> that.
> No, actually I'm not, but I am trying to do it in a more challenging 
> way.
>
> Using linuxconf, it seems that I want to "set routes to alternate local 
> nets"
> under the "routing and gateway option."  Here, I have the chance to add 
> what
> interface, ip/subnet I want to route the traffic to.  It took a while 
> to get
> the system and my lan devices to accept my ip/subnet combination.  
> Once I
> did, though, I don't have any traffic flow.
>
> I have of course set the gateway of my lan devices to the ip of the nic 
> I am
> routing the traffic to.  They are using the same subnet, and the lan 
> devices
> have ip addresses sequentially higher than the gateway.  The dns 
> settings are
> correct.
>
> Am I way off in my choice of linuxconf modules to use?  Any suggestions 
> for
> ip addresses to use locally?  My 10.0.1.1/255.255.255.0 or
> 10.0.1.0/255.255.0.0 are not being accepted.  I tried some of the 
> 192.168.0.1
> combinations to no avail.  I understand what needs to be done, but the
> computer doesn't take my voice commands.  I know there is some simple 
> (for
> some of you) command line instruction that I can enter which routes the
> traffic.  I seek this wisdom; can you help?
>
> scott
>
> ---
> You are currently subscribed to luau as: sctinc at mac.com
> To unsubscribe send a blank email to $subst('Email.Unsub')