Aw: Re: [slightly OT & long] PPPoE iptables NAT

Albrecht Dreß albrecht.dress at arcor.de
Fri May 6 08:25:02 MDT 2005


Hi all,

First, thanks a lot for your replies...

> I couldn't agree with you more.  I used to believe that I had to save
> all old hardware from landfills.  I set up an old PC250Mhz with
> smoothwall - http://www.smoothwall.org/ - as a gateway firewall.  It
> worked great.  Then winter came and my electricity bill was getting
> out of hand.  Without going into extreme detail, computers use a lot
> of electricity compared to a DSL modem and a router/ firewall with
> NAT.

Well, the G4 as depicted in the original message is actually my desktop machine... It is usually running, so there is no need to have just another box for routing as Linux *should* be able to do that - it was possible with ISDN, and MacOS X does it perfectly!

> > My experiences with using a computer as a gateway to the Internet for a
> > home network have taught me that it can be done, but why would you want
> > to. It's not very efficient, and is a waste of a compute resource.

Well, the "small net" behind is actually an eMac, sometimes an iBook and a printer... not much traffic there!

> > The simplest solution is use a router that performs NAT as your gateway:
[snipped ASCII art]

See above - imho, this is more complicated.

> > On Fri, 2005-05-06 at 11:47 +0000, Albrecht Dreß wrote:
> > > Hi,
> > > 
> > > sorry for a slightly off-topic question regarding NAT with a PPPoE network.
> > > 
> > > I have a home network looking as follows:
> > > 
> > >          192.168.42.3
> > >          -----------     -------
> > >         | G4 Silver |   |       |---DSL Modem (ppp0)
> > > ISDN---|ippp0  eth0|---|Switch |---more Macs (192.168.42.x)
> > >          -----------     -------
> > > 
> > > The G4 is running Yellowdog 4.01 with a self-compiled 2.6.11.4 kernel.
> > > 
> > > The "old" setup was an ISDN connection (no DSL present), and the G4 worked
> > > as router. Everything was perfect for the "local" net, except that the
> > > hardware (AVM Fritz) was not supported by MacOS, so I had no internet on
> > > the G4 (and connected clients) when running OS X.
> > > 
> > > Therefore, I removed the ISDN card, got DSL, plugged the modem into the
> > > switch, and now everything works fine with OS X. After a little fiddling
> > > around with ipfw and natd, I have routing support with OS X client.
> > > 
> > > Now I tried Linux, and I have internet on the G4 itself, but packets from
> > > the local net are apparently not routed/forwarded correctly. I did not
> > > change the NAT rules in iptables (except replacing ippp0 by ppp0, of
> > > course):
> > > 
> > > <snip>
> > > [root at antares root]# iptables -t nat -L -n
> > > Chain PREROUTING (policy ACCEPT)
> > > target     prot opt source               destination
> > > 
> > > Chain POSTROUTING (policy ACCEPT)
> > > target     prot opt source               destination
> > > MASQUERADE  all  --  192.168.42.0/24      0.0.0.0/0
> > > 
> > > Chain OUTPUT (policy ACCEPT)
> > > target     prot opt source               destination
> > > </snip>
> > > 
> > > Running tcpdump on both eth0 and ppp0, I can see that e.g. a http (tcp/80)
> > > request from the local net is going through eth0, and the same packet is
> > > then passed via ppp0. The response, though, is *not* returned to the
> > > requesting client.
> > > 
> > > I am using the kernel-based pppoe modules (pppoe, pppox), not the roaring
> > > penguin package coming with YDL. Does anyone have an idea why forwarding
> > > doesn't work with this setup? Any hints how I should configure my box? Or
> > > is it impossible to use the dsl modem and the local net at the same
> > > Ethernet interface (but why does it work with OS X, then)? Any pointers?
> > > 
> > > HELP! I'm really lost here...
> > > 
> > > Thanks in advance for any help,
> > > 
> > > Cheers, Albrecht.
> > > 
> > > _______________________________________________
> > > yellowdog-general mailing list
> > > yellowdog-general at lists.terrasoftsolutions.com
> > >
> >
> http://lists.terrasoftsolutions.com/mailman/listinfo/yellowdog-general
> > > HINT: to Google archives, try  '<keywords>
> > site:terrasoftsolutions.com'
> > -- 
> > joseph_sacco [at] comcast [dot] net
> > 



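The rule listing quoted in this message comes from `iptables -t nat -L -n`, which does not print the interface a rule is bound to, so it cannot show whether the MASQUERADE rule is limited to ppp0. As an added example (not part of the original post), the script below reads `iptables-save` output and reports the out-interface of each MASQUERADE rule and the FORWARD policy; the function name `audit_nat` and both sample rule sets are constructed for illustration.

```shell
#!/bin/sh
# Constructed samples in iptables-save format (not taken from the post): the
# MASQUERADE rule from the listing, once without and once with an out-interface.
SAMPLE_UNBOUND='*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s 192.168.42.0/24 -j MASQUERADE
COMMIT'
SAMPLE_BOUND='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.42.0/24 -o ppp0 -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -i eth0 -o ppp0 -j ACCEPT
-A FORWARD -i ppp0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT'

# audit_nat WAN_IF (hypothetical helper): reads iptables-save text on stdin
# and prints one finding per line.
audit_nat() {
    awk -v wan="$1" '
    /^\*/ { table = substr($0, 2); next }          # "*nat", "*filter", ...
    table == "nat" && /^-A POSTROUTING/ && /-j MASQUERADE/ {
        out = ""
        for (i = 1; i < NF; i++) { if ($i == "-o") { out = $(i + 1) } }
        if (out == "") { print "masq:any-interface" }
        else if (out == wan) { print "masq:" wan }
        else { print "masq:other:" out }
        seen = 1
    }
    # With a DROP policy, replies need an explicit ESTABLISHED rule to get back.
    table == "filter" && /^:FORWARD / { print "forward-policy:" $2 }
    table == "filter" && /^-A FORWARD/ && /ESTABLISHED/ { print "forward:return-path" }
    END { if (!seen) { print "masq:none" } }'
}

# On a live gateway (needs root): iptables-save | audit_nat ppp0
# Routing also requires: cat /proc/sys/net/ipv4/ip_forward   -> 1
if [ "${1:-}" = "demo" ]; then
    printf '%s\n' "$SAMPLE_UNBOUND" | audit_nat ppp0
    printf '%s\n' "$SAMPLE_BOUND" | audit_nat ppp0
fi
```

`iptables -t nat -L -n -v` shows the same interface columns interactively.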