routes are killing me - how to?

Peter Bagnall yellowdog-general@lists.terrasoftsolutions.com
Thu Nov 7 08:17:01 2002


I'd just like to emphasise something that seems to be causing a bit of 
confusion on this thread...

192.168.x.x are unrouted subnets. That is to say routers simply drop 
packets from these subnets on sight. This is why we can all use 
192.168.0.x as our private network addresses without causing mayhem 
with IP address conflicts.

Stefan Bruda is exactly right here, what you need is Masquerading. What 
this does is it catches IP packets as they enter the Linux box, and 
rewrites the IP headers to make it look as if the initial request came 
from it, rather than from the private network behind. This is one 
element of NAT (network address translation). When the reply packets 
come back it recognises the session (this can be pretty tricky with non 
TCP traffic), and passes the packet back into the private network after 
readdressing it to the machine that sent the original outgoing packet.

Routing does NOT do this, and this is why playing with routing tables 
has given you no joy, despite some suggestions to the contrary.

Does that give you a better picture of what's going on? Now you're 
actually solving the right problem you should make much better progress 
;-)

Pete

On Thursday, November 7, 2002, at 01:45 PM, Stefan Bruda wrote:

> At 00:30 -0500 on 2002-11-7 Stefan Jeglinski wrote:
>>
>> I'm sorry, but IMHO finding a *simple* IPTABLES how-to is not easy.
>
> Well, you want for a starter just masquerading, so take a look at
> the... masquerading howto: ;-)
>
> http://www.tldp.org/HOWTO/IP-Masquerade-HOWTO/
>
> Stefan
>
> -- 
> If it was so, it might be; and if it were so, it would be; but as
> it isn't, it ain't. That's logic.
>     --Lewis Carroll, Through the Looking-Glass
>
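
Added example, not part of the original message or of any project's code: a simplified Python model of the masquerading behaviour described above (rewrite the source on the way out, recognise the session on the way back, readdress the reply, drop anything that matches no session). The class and function names, the addresses and the sequential port allocation are assumptions made for illustration; session timeouts and non-TCP/UDP traffic are left out.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

class Masquerader:
    """Toy source-NAT session table (hypothetical model, not kernel code)."""

    def __init__(self, public_ip, first_port=61000):
        self.public_ip = public_ip
        self.next_port = first_port  # simplification: ports handed out in order
        self.out = {}   # (proto, private ip, private port, remote ip, remote port) -> public port
        self.back = {}  # (proto, public port, remote ip, remote port) -> (private ip, private port)

    def outbound(self, pkt):
        """Rewrite the source so the request appears to come from the gateway."""
        key = (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[(pkt.proto, self.next_port, pkt.dst, pkt.dport)] = (pkt.src, pkt.sport)
            self.next_port += 1
        return replace(pkt, src=self.public_ip, sport=self.out[key])

    def inbound(self, pkt):
        """Readdress a reply to the original sender, or return None to drop it."""
        owner = self.back.get((pkt.proto, pkt.dport, pkt.src, pkt.sport))
        if owner is None or pkt.dst != self.public_ip:
            return None  # no matching session: never forwarded into the private network
        return replace(pkt, dst=owner[0], dport=owner[1])

def demo():
    """Two private hosts use the same source port; all addresses are constructed."""
    gw = Masquerader("203.0.113.5")
    server = ("198.51.100.7", 80)
    a = gw.outbound(Packet("tcp", "192.168.0.10", 40000, *server))
    b = gw.outbound(Packet("tcp", "192.168.0.11", 40000, *server))
    reply_a = gw.inbound(Packet("tcp", *server, gw.public_ip, a.sport))
    reply_b = gw.inbound(Packet("tcp", *server, gw.public_ip, b.sport))
    # Same public port, but from a host that was never contacted: dropped.
    stray = gw.inbound(Packet("tcp", "198.51.100.99", 80, gw.public_ip, a.sport))
    return a, b, reply_a, reply_b, stray

if __name__ == "__main__":
    for result in demo():
        print(result)
```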