On 6/15/05, Kevin J. Cummings ... > If you want arrakis to forward packets from eth1 to eth0, you need to > enable IP forwarding. Its a kernel parameter, and can be specified in > your /etc/sysctl.conf by adding the following lines: > > > # Controls IP packet forwarding > > net.ipv4.ip_forward = 1 > > (without the "> " parts) > > Make sure to reboot your kernel after adding those lines, *or* > > /sbin/sysctl net.ipv4.ip_forward=1 > > to make it happen immediately. This will allow packets from caladan to > be forwarded through arrakis to the internet. Caution: routers beyond > arrakis *must* know how to route back to caladan! If they don't > recognize the IP address, you won't get a packets back! If this is the > case, you might be able to get around that by enabling masquarading > (NAT) on arrakis. Then caladan's packets will be sent out with arrakis' > IP address as the return point, and arrakis will forward any return > packets to caladan. NAT must be enabled in arrakis' iptables > configuration. I used the following rules: > > > # iptables -L -t nat > > Chain PREROUTING (policy ACCEPT) > > target prot opt source destination > > > > Chain POSTROUTING (policy ACCEPT) > > target prot opt source destination > > MASQUERADE all -- anywhere anywhere > > > > Chain OUTPUT (policy ACCEPT) > > target prot opt source destination > > and my computer forwards and NATs the computers on my home and USB > networks..... ... I did the first part, but the iptables is a bit confusing. I took a look at "iptables -h" and "man iptables" to get an idea. those are rules to add to the NAT table? really, I think I just want the computers to be able to ping each other, sort of a networking "hello world" idea. thanks, Thufir
