On Sun, Nov 12, 2006 at 09:48:03PM +0100, Hans Vogelsberger wrote: > After three weeks of studying books, manuals and HOWTOS and try- > ing to configure the two computers, I am constantly running in > circles. I can ping from one computer to the other and from the > old computer to the internet, and I can do everything I did be- > fore with my old computer, but there is no connection at all > between the new one and the internet. This I need urgently be- > cause the AMD 64 has only a daily build netinst Etch I downloa- > ded and burned to disk on October 17th. It is terribly castra- > ted (even using 'more' instead of 'less'), but there is no way > out of the networking circles without apt-get or aptitude which > seem to be unreachable. My third computer, the one within the > skull, seems to be rapidly loosing flexibility and efficiency > after an uptime of more than 75 years. > > ==================================================================== > /etc/network/interfaces > ==================================================================== > OLD: > ==== > # The loopback interface > auto lo > iface lo inet loopback > # The first network card > up sysctl -w net.ipv4.ip_forward=1 > auto eth0 > iface eth0 inet dhcp > address 192.168.1.2 > netmask 255.255.255.0 > inet_route add default gw 192.168.1.0/24 > up iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth0\ > -j MASQUERADE > #*# Shouldn't these two lines be enough to guarantee > dhcp access for BOTH computers ??? #*# > # The second network card > auto eth1 > iface eth1 inet static > address 192.168.1.1 > netmask 255.255.255.0 > up iptables -A FORWARD -s 192.168.1.3 -d 192.168.1.2 > up iptables -A FORWARD -s 192.168.1.2 -d 192.168.1.3 > #*# Two lines added because route and MASQUERADE of > eth0 seemed useless, but didn't help either #*# > #*# TRIED after setting eth0 to inet static, > but TOTALLY COMMENTED OUT after resetting > eth0 to dhcp because the br0 did not find > oth0: #*# > NEW: > ==== > # The loopback interface > auto lo > iface lo inet loopback > # The second network card > up sysctl -w net.ipv4.ip_forward=1 > auto oth1 > iface oth1 inet static > address 192.168.1.3 > netmask 255.255.255.0
I am unfamiliar with trying to set up a firewall from within /etc/network/interfaces, although I see that the debian-reference does this. I have a similar setup where my 486 has the modem (although ppp). I think that the dhcp from your ISP should set the gateway; you don't need to. If running sarge, ipforward is set in /etc/network/options, and if Etch is in /etc/sysctl.conf For a basic firewall, at least until things work and you want to tweak, I use ipmasq. Out of the box it sets up a basic forwarding firewall. Later, if you want more control, use shorewall. What nameserver setup are you using for the new computer? I use dnsmasq on the 486 and point my new computer's resolv.conf at the 486. To summarize; you may be trying to do too much in /etc/network/interfaces when Debian has default ways of doing this differently. Doug. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
