Hi friend finally that router scrip is work for me and am happy
Code:
[hem, please add this line to your config of eth0 in /etc/network/interfaces:
#START
dns-nameservers <ip of name server 1>,<ip of name server 2>
#END
I don't know how its work for me I can access internet with out specify dns-nameservers on eth0
Code:
#START
for opf in $opforwards
do
$ipt -A FORWARD -i $ext -o $int -p tcp --dport $opf-j ACCEPT
$ipt -t nat -A PREROUTING -i $ext -p tcp --dport $opf -j DNAT --to $ip:$opf
done
#END
to
#START
for opf in $opforwards
do
$ipt -A FORWARD -i $ext -o $int -p tcp --dport $opf -j ACCEPT
$ipt -t nat -A PREROUTING -i $ext -p tcp --dport $opf -j DNAT --to $ip:$opf
done
#END
is this both are the same script ...On that router script says about log ...where I can find the log and how its work ...and I need to know on the dns part of the client pc I give server's eth1 ip is given first time this not give the connection to internet when I give eth1 gateway connection ok for me .Is this is any wrong ..
Thank for the information of Zentyal ..but I give my hands on ubuntu ....I need to learn ubuntu ...I know I cnt study whole ...
I need to run your scrip also ...this is my 14th day on this issue but your words give me more courage ..
This is the whole thing I did on my system
Code:
echo -e "\n\nLoading simple rc.firewall-iptables version $FWVER..\n"
DEPMOD=/sbin/depmod
MODPROBE=/sbin/modprobe
EXTIF="eth0"
INTIF="eth1"
#INTIF2="eth0"
echo " External Interface: $EXTIF"
echo " Internal Interface: $INTIF"
#======================================================================
#== No editing beyond this line is required for initial MASQ testing ==
echo -en " loading modules: "
echo " - Verifying that all kernel modules are ok"
$DEPMOD -a
echo "----------------------------------------------------------------------"
echo -en "ip_tables, "
$MODPROBE ip_tables
echo -en "nf_conntrack, "
$MODPROBE nf_conntrack
echo -en "nf_conntrack_ftp, "
$MODPROBE nf_conntrack_ftp
echo -en "nf_conntrack_irc, "
$MODPROBE nf_conntrack_irc
echo -en "iptable_nat, "
$MODPROBE iptable_nat
echo -en "nf_nat_ftp, "
$MODPROBE nf_nat_ftp
echo "----------------------------------------------------------------------"
echo -e " Done loading modules.\n"
echo " Enabling forwarding.."
echo "1" > /proc/sys/net/ipv4/ip_forward
echo " Enabling DynamicAddr.."
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
echo " Clearing any existing rules and setting default policy.."
iptables-restore <<-EOF
*nat
-A POSTROUTING -o "$EXTIF" -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i "$EXTIF" -o "$INTIF" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i "$INTIF" -o "$EXTIF" -j ACCEPT
-A FORWARD -j LOG
COMMIT
EOF
echo -e "\nrc.firewall-iptables v$FWVER done.\n"
After configuring the 2 variables, save the script below as nat.sh and make it executable by doing
*
chmod a+x nat.sh
now change the value of this in /etc/sysctl.conf:
Code:
# Uncomment the next line to enable packet forwarding for IPv4
#net.ipv4.ip_forward=1
Now, test the script by running as root
*
sudo sh nat.sh
*
If ping responds, make our new script bootable so we don't have to run the script every time we restart.
*
sudo cp nat.sh /etc/init.d/
sudo ln -s /etc/init.d/nat.sh /etc/rc2.d/S95masquradescript
As a final test, restart your computer and test to see if you still have the same functionality. If so then congratulations! If not then make sure you followed the above correctly so the script is bootable.
sudo iptables-save > /etc/iptables.up.rules
do like this in /etc/network/interfaces
auto lo
iface lo inet loopback
pre-up iptables-restore < /etc/iptables.up.rules
auto eth0
iface eth0 inet static
address 192.168.1.155
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
gateway 192.168.1.1
auto eth1
iface eth1 inet static
address 200.119.2.1
netmask 255.255.255.0
network 200.119.2.0
broadcast 200.119.2.255
dns-nameservers 192.168.1.1
Be frank wineman I dont know how Its work for me ..I am going to test it on virtual box
Bookmarks