3 nics in linux box (iptables)

From: Jeremy (gtg120d_at_mail.gatech.edu)
Date: 04/26/05


Date: Tue, 26 Apr 2005 04:53:18 -0400

Hello,

I'm sure this has to be easy and I've been looking everywhere but
everything I've tried has come to no avail.

I have a Fedora core 3 (2.6.11-1.14_FC3) machine with 3 nics (one
getting the internet(eth0) and the other two going out to two different
machines--a PC(eth1) and an XBOX(eth2)).

Only eth1 gets internet--so if I put the PC or XBOX there each works
fine. But having either one hooked up to eth1 and the other hooked up
to eth2--eth2 does not get internet. The following are my files and
setups, hopefully I'm just doing something blatantly stupid.

Thanks for any help,
Jeremy

------------------------------
Hardware on Linux machine
------------------------------
eth0-Realtek
eth1-3COM 3c905b
eth2-Linksys NC100

-------------------------------
/etc/rc.d/rc.local
-------------------------------
touch /var/lock/subsys/local
/etc/rc.d/rc.ipmasq

--------------------------------
/etc/rc.d/rc.ipmasq
--------------------------------
# Set up IP FORWARDing and Masquerading
IPTABLES=iptables

# Windows PC
NETWORK1=192.168.0.0/24

#XBox
NETWORK2=192.168.10.0/24

$IPTABLES -t nat -A POSTROUTING -s $NETWORK1 -j MASQUERADE
$IPTABLES -A FORWARD -s $NETWORK1 -j ACCEPT
$IPTABLES -A FORWARD -d $NETWORK1 -j ACCEPT

$IPTABLES -t nat -A POSTROUTING -s $NETWORK2 -j MASQUERADE
$IPTABLES -A FORWARD -s $NETWORK2 -j ACCEPT
$IPTABLES -A FORWARD -d $NETWORK2 -j ACCEPT

echo 1 > /proc/sys/net/ipv4/ip_forward

------------------------------------------
eth1 config (on linux machine)
------------------------------------------
Address: 192.168.0.3
Subnet mask: 255.255.255.0
Default gateway address: $IP_OF_LINUX_BOX

------------------------------------------
eth2 config (on linux machine)
------------------------------------------
Address: 192.168.10.3
Subnet mask: 255.255.255.0
Default gateway address: $IP_OF_LINUX_BOX

------------------------------------------
eth1 config (on PC machine) (connected at eth1 on linux box)
------------------------------------------
Address: 192.168.0.8
Subnet mask: 255.255.255.0
Default gateway address: 192.168.0.3
DNS Servers: $IPS_FROM_MY_ISP

------------------------------------------
eth1 config (on XBOX) (connected at eth2 on linux box)
------------------------------------------
Address: 192.168.10.8
Subnet mask: 255.255.255.0
Default gateway address: 192.168.10.3
DNS Servers: $IPS_FROM_MY_ISP

------------------------------------------
/etc/hosts.allow
------------------------------------------
SSHd2: 192.168.0. 192.168.10.
SSHd: 192.168.0. 192.168.10.
SSHfwd-X11: 192.168.0. 192.168.10.

-------------------------------------------
/etc/hosts.deny
-------------------------------------------
ALL:0.0.0.0

-------------------------------------------
Resulting output of "iptables -L"
-------------------------------------------
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere

Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere
ACCEPT all -- 192.168.0.0/24 anywhere
ACCEPT all -- anywhere 192.168.0.0/24
ACCEPT all -- 192.168.10.0/24 anywhere
ACCEPT all -- anywhere 192.168.10.0/24

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp any
ACCEPT ipv6-crypt-- anywhere anywhere
ACCEPT ipv6-auth-- anywhere anywhere
ACCEPT udp -- anywhere 224.0.0.251 udp dpt:5353
ACCEPT udp -- anywhere anywhere udp dpt:ipp
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
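
The rule order in the listing above can be checked mechanically for rules that no packet ever reaches; the following is an added example, not part of the original post. The iptables-save style text is constructed from the listing, and the interface matches (-i lo, -i eth1) on the two bare ACCEPT rules are an assumption, since "iptables -L" without -v does not show interface matches.

```python
import shlex

TERMINAL = {"ACCEPT", "DROP", "REJECT"}  # targets that give a final verdict
# Constructed iptables-save style rules modelled on the listing above. Assumption:
# the two bare "ACCEPT all" rules match on -i lo / -i eth1, which "iptables -L" hides.
SAMPLE = """\
-A FORWARD -j RH-Firewall-1-INPUT
-A FORWARD -s 192.168.0.0/24 -j ACCEPT
-A FORWARD -d 192.168.0.0/24 -j ACCEPT
-A FORWARD -s 192.168.10.0/24 -j ACCEPT
-A FORWARD -d 192.168.10.0/24 -j ACCEPT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -i eth1 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
"""

def parse(text):
    chains = {}  # chain name -> [(match tokens, target, rule text)] in rule order
    for tok in map(shlex.split, text.splitlines()):
        if tok[:1] == ["-A"]:
            j = tok.index("-j")
            chains.setdefault(tok[1], []).append((tok[2:j], tok[j + 1], " ".join(tok)))
    return chains

def ends_all(chain, chains, seen=()):
    """True if every packet entering `chain` gets a final verdict inside it."""
    rules = [] if chain in seen else chains.get(chain, [])  # guard jump loops
    for match, target, _ in rules:
        if match:                 # conditional rule: some packets fall through
            continue
        if target == "RETURN":    # everything goes back to the calling chain
            return False
        if target in TERMINAL or ends_all(target, chains, seen + (chain,)):
            return True
    return False

def unreachable_rules(text):
    """List (chain, rule) pairs that sit after a rule no packet gets past."""
    chains, dead = parse(text), []
    for name, rules in chains.items():
        blocked = False
        for match, target, raw in rules:
            if blocked:
                dead.append((name, raw))
            elif not match and (target in ("RETURN", *TERMINAL)
                                or ends_all(target, chains, (name,))):
                blocked = True
    return dead
```

Only rules with a -j target are handled; on a live system the input would be the output of iptables-save rather than the constructed SAMPLE.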


