On Tuesday 09 May 2006 05:26, Mrugesh Karnik <[EMAIL PROTECTED]> wrote about '[gentoo-user] OT - Need help with NAT':
> Hi,
>
> I have been having trouble forwarding packets using iptables on my
> Gentoo box. I am no iptables expert.
>
> I connect to the internet using rp-pppoe. I use firestarter for
> firewalling. Yesterday I installed VMware and chose host only
> networking between the VMs. vmnet0 was bound to 192.168.128.1 and the
> rest of the subnet being 192.168.128.0/24.
>
> As should be obvious by now, I need to forward packets from ppp0 to
> vmnet0 and allow outbound packets as well.

Add

    net.ipv4.conf.all.forwarding = 1

to /etc/sysctl.conf and apply the setting by issuing

    sysctl -p

as root.

Issue the command:

    iptables -t nat -A POSTROUTING \
      -o ppp0 \
      --source 192.168.128.0/24 \
      -j MASQUERADE

also as root. You may also want to issue:

    iptables -t mangle -A OUTPUT \
      -p tcp \
      --tcp-flags SYN,RST SYN \
      -j TCPMSS --clamp-mss-to-pmtu

and possibly

    iptables -t mangle -A OUTPUT \
      -p tcp \
      --tcp-flags SYN,RST SYN \
      -j TCPMSS --clamp-mss-to-pmtu

as root to help control packet fragmentation.

I believe the iptables init script should handle saving/restoring these rules on reboot.

I have NO IDEA how to add these iptables rules to firestarter.

-- 
"If there's one thing we've established over the years, it's that the vast majority of our users don't have the slightest clue what's best for them in terms of package stability." -- Gentoo Developer Ciaran McCreesh
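Added example, not part of the original thread: a check to run over `iptables-save` output once NAT for the guests is in place. The mangle OUTPUT chain sees only locally generated packets, while traffic routed for the guests passes through FORWARD, and turning on forwarding with a FORWARD policy of ACCEPT and no rules lets any routed traffic through. The function names and the sample dump are constructed for illustration; interface and subnet defaults are the thread's values.

```shell
#!/bin/sh
# Audit iptables-save output (stdin) for the NAT setup from this thread.
# Prints one line per finding; exit status is non-zero if any were found.
# $1 = WAN interface, $2 = guest subnet (defaults are the thread's values).
audit_nat() {
    awk -v wan="${1:-ppp0}" -v net="${2:-192.168.128.0/24}" '
    function finding(msg) { print msg; n++ }
    /^\*/ { table = substr($0, 2); next }          # "*nat", "*mangle", ...
    table == "nat" && /^-A POSTROUTING .*-j MASQUERADE/ {
        masq = 1
        if (!index($0, " -o " wan " ")) finding("nat: MASQUERADE not limited to -o " wan)
        if (!index($0, " -s " net " ")) finding("nat: MASQUERADE not limited to -s " net)
    }
    table == "mangle" && /-j TCPMSS .*--clamp-mss-to-pmtu/ {
        if ($2 == "FORWARD") clamp_fwd = 1; else clamp_other = 1
    }
    table == "filter" && /^:FORWARD /   { fwd_policy = $2 }
    table == "filter" && /^-A FORWARD / { fwd_rules++ }
    END {
        if (!masq) finding("nat: no MASQUERADE rule in POSTROUTING")
        if (clamp_other && !clamp_fwd)
            finding("mangle: MSS clamp only outside FORWARD; routed guest traffic is not clamped")
        if (fwd_policy == "ACCEPT" && !fwd_rules)
            finding("filter: FORWARD policy ACCEPT with no rules; any routed traffic passes")
        exit (n > 0)
    }'
}

# Constructed sample: what iptables-save would show after the commands in
# the reply above on an otherwise empty ruleset (not captured from a host).
sample_thread_rules() {
    cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.128.0/24 -o ppp0 -j MASQUERADE
COMMIT
*mangle
:OUTPUT ACCEPT [0:0]
-A OUTPUT -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
COMMIT
*filter
:FORWARD ACCEPT [0:0]
COMMIT
EOF
}
```

On a live host the input would come from `iptables-save | audit_nat` run as root.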