Re: dialup solution (as seconary connection / iptables )
- From: sammy <sambo@xxxxxxxxxxxx>
- Date: Tue, 25 Nov 2008 12:12:35 -0500
Felix Tiede wrote:
sammy wrote:I suppose that could work if I keep checking IFCONFIG until ppp0 appears.
Greetings,
Let me first ask in short the most pressing IPTABLES question.
1. Where and how do I alter the source IP to my ppp0 internet IP.
Given I already have:
Have a look at /etc/ppp/ip-up.d and /etc/ppp/ip-down.d - you can put scripts
there which are executed on dialing a connection and on hang up. You'd need
to figure out if the correct connection has been dialed or hanged up and
WOW you are right there is ip-up and ip-down mostly commented out,
and ip-up is around (still running) when network is established. I thought the ip messages are from pppd as stderr.
...... TOTALLY forgot their existence.
I guess my problem with dropped connection is solved, at first thought ip-up was fedora equivalent to /usr/sbin/ppp-go ( and stop) and that you forgot about it going down on it's own.
execute all you want. Have a look atiptables -R
# iptables -R
it allows you to specify the number (counting from 1 as the top-most rule of
the specified chain) of the rule you want to replace. Change it when you
dialed in and change it back when you hanged up.
Unknown argument in iptables 1.3.8
DID you mean -I 1 ( or is it 0 )
I do have firewall-masq and firewall-standalone but assuming this is for
route add my.news.ip.num my.isp.gateway
iptables -t nat -A PREROUTING -p tcp -d 192.168.0.6 --dport 119 -j DNAT
--to-destination 64.news.ip.num
This one should be set up in your iptables init script, so it is already
there when you dial in to your ISP.
single interface (ppp) I haven't given it much consideration.
Currently I have default route to router and out to DSL internet.
When I dial out I have a HOST route to the ISP, so I guess I have to
manualy add << SNIP >>
<< SNIP >>
Oh right (static routes), I can enter redirection for those 3 or 4 addresses based on just ip ( since they don't serve anything else ) into the router. Only problem is it doesn't let me enter single ip mask,
You should rather set up your news-reader to use 64.news.ip.num as news
source, masquerading your connection after dialup (see below) would do the
rest then.
lucky for me news are 247 and 250 so 255.255.255.240 it is.
<<snip>>
You should masquerade your outgoing connections like this:Well now that may work.
# iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
which you can do as well from ppp's ip-up scripts.
OOOPs the router is not sending the trafic to the modem server.
looks like I am stuck with 192.168.0.6:119 as the news server address.
Unless the conflict is with the fact that the router (netgear WGR614v3 ) has DHCP on (11- ), but I an using all static addresses below that hmmm. no it shouldn't, that would be a serious bug.
So back to
iptables -t nat -A PREROUTING -j snat --from-source $4 ( $4 in ip-up )
and
-j masquerade
Thanks
.
- Follow-Ups:
- Re: dialup solution (as seconary connection / iptables )
- From: Felix Tiede
- Re: dialup solution (as seconary connection / iptables )
- References:
- dialup solution (as seconary connection / iptables )
- From: sammy
- Re: dialup solution (as seconary connection / iptables )
- From: Felix Tiede
- dialup solution (as seconary connection / iptables )
- Prev by Date: Re: ADVERT: C12
- Next by Date: Re: dialup solution (as seconary connection / iptables )
- Previous by thread: Re: dialup solution (as seconary connection / iptables )
- Next by thread: Re: dialup solution (as seconary connection / iptables )
- Index(es):
Relevant Pages
|
