Coucou,
Bon je craque je poste un message car je n'y arrive pas...
J'ai bien cherché partout mais je suis coincé.
Voici mon problème:
J'ai une machine (cassbeck) avec une F8 d'installé qui va servir de passerelle pour une autre machine (NSLU2)
But du jeu:
Accéder à internet depuis la machine NSLU2.
Topologie:
FREEBOX (192.168.100.254) configurée en serveur DHCP (192.168.100.xxx)
cassbeck (client DHCP de la FREEBOX) (192.168.100.11 dans l'exemple) interface wlan0
cassbeck interface eth0 configuré en 192.168.1.254 ip_forwarding d'insallé et iptables configurés
NSLU2 eth0 configuré en 192.168.1.1
Ce qui marche:
La machine cassbeck se connecte correctement à internet.
Ce qui ne marche pas:
La machine NSLU2 ne se connecte pas à internet
Investigation:
Il semble que je ne sois pas capable de configurer ma machine cassbeck en tant de passerelle.
Les infos utiles:
Configuration de la machine NSLU2.
Normalement tout est ok !!!
root@NSLU2:~# ifconfig
eth0 Link encap:Ethernet HWaddr 00:14:BF:63:45:A0
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:558 errors:0 dropped:0 overruns:0 frame:0
TX packets:486 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:256
RX bytes:50605 (49.4 KiB) TX bytes:66642 (65.0 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:54 errors:0 dropped:0 overruns:0 frame:0
TX packets:54 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:4284 (4.1 KiB) TX bytes:4284 (4.1 KiB)
root@NSLU2:~# cat /etc/resolv.conf
search bully
nameserver 212.27.53.252
nameserver 212.27.54.252
root@NSLU2:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 * 255.255.255.0 U 0 0 0 eth0
default 192.168.1.254 0.0.0.0 UG 0 0 0 eth0
root@NSLU2:~# traceroute 209.85.129.99
traceroute to 209.85.129.99 (209.85.129.99), 30 hops max, 40 byte packets
1 192.168.1.254 (192.168.1.254) 0.544 ms 3.406 ms 3.321 ms
2 * * *
Configuration de la machine cassbeck.
[root@cassbeck ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:11:2F:F5:3E:97
inet addr:192.168.1.254 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::211:2fff:fef5:3e97/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:566 errors:0 dropped:0 overruns:0 frame:0
TX packets:785 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:77185 (75.3 KiB) TX bytes:79356 (77.4 KiB)
Interrupt:16 Base address:0x2000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:10062 errors:0 dropped:0 overruns:0 frame:0
TX packets:10062 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:84429244 (80.5 MiB) TX bytes:84429244 (80.5 MiB)
wlan0 Link encap:Ethernet HWaddr 00:08:A1:AD:CF:23
inet addr:192.168.100.11 Bcast:192.168.100.255 Mask:255.255.255.0
inet6 addr: fe80::208:a1ff:fead:cf23/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:45690 errors:0 dropped:0 overruns:0 frame:0
TX packets:29747 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:63568440 (60.6 MiB) TX bytes:2918809 (2.7 MiB)
wmaster0 Link encap:UNSPEC HWaddr 00-08-A1-AD-CF-23-E8-6B-00-00-00-00-00-00-00-00
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
[root@cassbeck ~]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.100.0 * 255.255.255.0 U 0 0 0 wlan0
192.168.1.0 * 255.255.255.0 U 0 0 0 eth0
169.254.0.0 * 255.255.0.0 U 0 0 0 wlan0
default 192.168.100.254 0.0.0.0 UG 0 0 0 wlan0
[root@cassbeck ~]# traceroute 209.85.129.99
traceroute to 209.85.129.99 (209.85.129.99), 30 hops max, 40 byte packets
1 192.168.100.254 (192.168.100.254) 1.830 ms 2.353 ms 2.736 ms
2 88.172.39.254 (88.172.39.254) 34.755 ms 35.771 ms 36.204 ms
3 rouen-6k-1-a5.routers.proxad.net (213.228.11.62) 37.825 ms 38.794 ms 39.310 ms
4 * * *
5 * * *
6 ldc-6k-1-po20.intf.routers.proxad.net (212.27.51.10) 46.655 ms 38.082 ms 35.468 ms
7 google.freeix.net (213.228.3.136) 53.162 ms 53.716 ms 55.034 ms
8 72.14.232.104 (72.14.232.104) 85.594 ms 86.008 ms 72.14.233.105 (72.14.233.105) 50.026 ms
9 72.14.232.167 (72.14.232.167) 51.095 ms 72.14.232.201 (72.14.232.201) 51.788 ms 72.14.232.167 (72.14.232.167) 52.443 ms
10 72.14.233.210 (72.14.233.210) 46.968 ms 47.265 ms 72.14.233.206 (72.14.233.206) 50.835 ms
11 fk-in-f99.google.com (209.85.129.99) 47.523 ms 48.232 ms 48.651 ms
[root@cassbeck ~]# cat /etc/sysctl.conf
# Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
# sysctl.conf(5) for more details.
# Controls IP packet forwarding
net.ipv4.ip_forward = 1
# Controls source route verification
net.ipv4.conf.default.rp_filter = 1
# Do not accept source routing
net.ipv4.conf.default.accept_source_route = 0
# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 0
# Controls whether core dumps will append the PID to the core filename.
# Useful for debugging multi-threaded applications.
kernel.core_uses_pid = 1
# Controls the use of TCP syncookies
net.ipv4.tcp_syncookies = 1
[root@cassbeck ~]# cat /proc/sys/net/ipv4/ip_forward
1
[root@cassbeck ~]# /sbin/iptables -A POSTROUTING -t nat -o wlan0 -j MASQUERADE
[root@cassbeck ~]# /etc/init.d/iptables status
Table: nat
Chain PREROUTING (policy ACCEPT)
num target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
num target prot opt source destination
1 MASQUERADE all -- 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
1 RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
Chain RH-Firewall-1-INPUT (1 references)
num target prot opt source destination
1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 255
3 ACCEPT esp -- 0.0.0.0/0 0.0.0.0/0
4 ACCEPT ah -- 0.0.0.0/0 0.0.0.0/0
5 ACCEPT udp -- 0.0.0.0/0 224.0.0.251 udp dpt:5353
6 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:631
7 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:631
8 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
9 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
10 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:137
11 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:138
12 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:139
13 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:445
14 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
15 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
J'ai essayer de désactiver les iptables et ça ne marche toujours pas... Snif
HELP !!!!
