Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19
[solved] Setting up a router
Results 1 to 7 of 7

Thread: [solved] Setting up a router

  1. #1

    Unhappy [solved] Setting up a router

    Hi

    I am trying to set up an router using Ubuntu Server 11.10. I edited the interfaces file as follows (replacing the xxx with the relevant details!)

    # set up the local loopback interface
    auto lo
    iface lo inet loopback

    # Setup External interface

    auto eth0
    iface eth0 inet static
    address xxx.xxx.xxx.xxx
    netmask xxx.xxx.xxx.xxx
    gateway xxx.xxx.xxx.xxx
    nameserver xxx.xxx.xxx.xxx
    nameserver xxx.xxx.xxx.xxx

    # Setup internalnetwork interface

    auto eth1
    iface eth1 inet static
    address 192.168.2.1
    network 192.168.2.0
    netmask 255.255.255.0
    broadcast 192.168.2.255

    After saving the file I tried to restart the networking
    $ sudo /etc/init.d/networking restart

    I then get the message
    * Reconfiguring network interfaces
    /etc/network/interfaces: duplicate option
    ifdown: couldn't read interface file /etc/network/interfaces
    /etc/network/interfaces: duplicate option
    ifdown: couldn't read interface file /etc/network/interfaces


    If I restore the backup interfaces file it reads it!

  2. #2
    It does help to read the instructions carefully!! Just realised the nameserver should be in /etc/resolv.conf and not in interfaces!!

  3. #3
    Now I have the next problem - ip forwarding an masquerading. I have edited created nat.sh as per instructions in the Router documentation.

    The code is as follows:

    echo -e "\n\nLoading simple rc.firewall-iptables version $FWVER..\n"
    DEPMOD=/sbin/depmod
    MODPROBE=/sbin/modprobe

    EXTIF="eth0"
    INTIF="eth1"
    #INTIF2="eth0"
    echo " External Interface: $EXTIF"
    echo " Internal Interface: $INTIF"

    #================================================= =====================
    #== No editing beyond this line is required for initial MASQ testing == echo -en " loading modules: "
    echo " - Verifying that all kernel modules are ok"
    $DEPMOD -a
    echo "----------------------------------------------------------------------"
    echo -en "ip_tables, "
    $MODPROBE ip_tables
    echo -en "nf_conntrack, "
    $MODPROBE nf_conntrack
    echo -en "nf_conntrack_ftp, "
    $MODPROBE nf_conntrack_ftp
    echo -en "nf_conntrack_irc, "
    $MODPROBE nf_conntrack_irc
    echo -en "iptable_nat, "
    $MODPROBE iptable_nat
    echo -en "nf_nat_ftp, "
    $MODPROBE nf_nat_ftp
    echo "----------------------------------------------------------------------"
    echo -e " Done loading modules.\n"
    echo " Enabling forwarding.."
    echo "1" > /proc/sys/net/ipv4/ip_forward
    echo " Enabling DynamicAddr.."
    echo "1" > /proc/sys/net/ipv4/ip_dynaddr
    echo " Clearing any existing rules and setting default policy.."

    iptables-restore <<-EOF
    *nat
    -A POSTROUTING -o "$EXTIF" -j MASQUERADE
    COMMIT
    *filter
    :INPUT ACCEPT [0:0]
    :FORWARD DROP [0:0]
    :OUTPUT ACCEPT [0:0]
    -A FORWARD -i "$EXTIF" -o "$INTIF" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    -A FORWARD -i "$INTIF" -o "$EXTIF" -j ACCEPT
    -A FORWARD -j LOG
    COMMIT
    EOF

    echo -e "\nrc.firewall-iptables v$FWVER done.\n"

    I can access the internet from the linux server, I can "see" the test client from the server and "see" the server from the clint, but cannot access the internet from the client. Any suggestions would be greatly apreciated!

  4. #4
    Moderator
    Advisor
    redhead's Avatar
    Join Date
    Jun 2001
    Location
    Copenhagen, Denmark
    Posts
    811
    You need to add a rule for the initial package, you have hte RELATED/ESTABLISHED covered, but what about the NEW flag ??
    Don't worry Ma'am. We're university students, - We know what We're doing.
    'Ruiat coelum, fiat voluntas tua.'
    Datalogi - en livsstil; Intet liv, ingen stil.

  5. #5
    Hi Redhead could you be more specific ie the exats code? I am totally new to this sort of thing and have been throwen in the deepend with this and floundering some what!

  6. #6
    I eventually used the code found in this http://ubuntuforums.org/showthread.php?t=119787 and it is working.

    Now how do I mark it as solved?

  7. #7
    Moderator
    Advisor
    redhead's Avatar
    Join Date
    Jun 2001
    Location
    Copenhagen, Denmark
    Posts
    811
    Well, just as a teaser, her is a firewall script I created some years ago, it is no longer in use, since some of the rules in it no longer apply to iptables, but I use it as a reference for someone to read through it and get an idear of how/what thoughts go into setting up a firewall.

    And I've marked the thread with solved, on the OPs request.
    Don't worry Ma'am. We're university students, - We know what We're doing.
    'Ruiat coelum, fiat voluntas tua.'
    Datalogi - en livsstil; Intet liv, ingen stil.

Similar Threads

  1. setting up linux as a router (theories... i need some opinions and feedback)
    By blackhawk in forum Linux - Hardware, Networking & Security
    Replies: 2
    Last Post: 07-12-2011, 07:22 AM
  2. MSN Troubles (SOLVED)
    By -=<Night Wolf>=- in forum Windows - General Topics
    Replies: 0
    Last Post: 07-25-2005, 10:39 AM
  3. Problems Setting up RedHat 9 Box as Router
    By midraga in forum Linux - Hardware, Networking & Security
    Replies: 1
    Last Post: 04-04-2005, 06:42 PM
  4. Help setting up router
    By shebang in forum Linux - Hardware, Networking & Security
    Replies: 32
    Last Post: 04-05-2004, 02:39 AM
  5. Question on setting router or gateway
    By wing328 in forum Linux - Hardware, Networking & Security
    Replies: 5
    Last Post: 06-11-2002, 08:24 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •