Routing to a wlan...
|
| Author | Content |
|---|---|
| techiem2 May 26, 2008 11:10 AM EDT |
Ok, so I'm setting up my laptop as a router so when I'm working on a second laptop at work things will be easier.
I am trying to route from the ethernet to the wireless.
I have dhcp and named enabled and working ( a client connected to lan can get dns lookups).
I have shorewall installed and basically configured (lan zone and wlan zone, everything accepts from everywhere).
The laptop is on the wireless and works.
The client can get dns lookups.
But the client doesn't seem able to get anything else past the router.
I assume dns works because the client is asking the laptop and named on the laptop is retrieving the info from "upstream". So I guess the question is, is it not working because of the WEP on the wireless router? Is it seeing the requests as coming from the client and not from the laptop router? I've never messed with routing with wireless before so I'm a bit lost. Any suggestions? Thanks! |
| Bob_Robertson May 26, 2008 12:14 PM EDT |
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
echo "1" > /proc/sys/net/ipv4/ip_forward iptables -P INPUT ACCEPT iptables -F INPUT iptables -P OUTPUT ACCEPT iptables -F OUTPUT iptables -P FORWARD DROP iptables -F FORWARD iptables -t nat -F iptables -A INPUT -i eth1 -d 208.180.42.100 -j DROP iptables -A FORWARD -i ath0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -i eth1 -o ath0 -j ACCEPT iptables -t nat -A POSTROUTING -o ath0 -j MASQUERADE |
| techiem2 May 26, 2008 12:50 PM EDT |
ok, so I assume in your example eth1 is the ethernet and ath0 is wireless you are routing to? |
| Bob_Robertson May 26, 2008 1:28 PM EDT |
Yes. eth1 is the local hard wire, ath0 is the wifi to which the ethernet is being routed. The wifi is closed. The system being routed is hard wired to eth1. I have not made the system into a wifi access point, just to make sure that that's not what you were trying to do. Either way, you have to have some kind of NAT or bridging configuration in iptables in order for traffic to transverse the system. I prefer NAT just because I'm very accustomed to it. |
| techiem2 May 26, 2008 1:55 PM EDT |
Thanks! That works perfectly! Now I just have to figure out what's wrong with my shorewall config.... |
| techiem2 May 26, 2008 2:09 PM EDT |
Aha!
I had to set the masq interfaces in the shorewall config. Yay! my laptop is a lan to wlan router now! hehe. |
| Bob_Robertson May 27, 2008 6:10 AM EDT |
Hmmm.... Just for the record, you can take out that "208.180.42.100 -j DROP" line. (Bob strolls off, scratching his head as to why he put a drop statement in that points to a DNS server...) |
| techiem2 May 27, 2008 8:34 AM EDT |
lol.
Yeah, I ignored that line when I was testing your raw iptables lines since I wasn't sure what you were trying to drop packets going to. |
You cannot post until you login.