Routing to a wlan...

Forum: LinuxTotal Replies: 7
Author Content
techiem2

May 26, 2008
11:10 AM EDT
Ok, so I'm setting up my laptop as a router so when I'm working on a second laptop at work things will be easier. I am trying to route from the ethernet to the wireless. I have dhcp and named enabled and working ( a client connected to lan can get dns lookups). I have shorewall installed and basically configured (lan zone and wlan zone, everything accepts from everywhere). The laptop is on the wireless and works. The client can get dns lookups. But the client doesn't seem able to get anything else past the router. I assume dns works because the client is asking the laptop and named on the laptop is retrieving the info from "upstream".

So I guess the question is, is it not working because of the WEP on the wireless router? Is it seeing the requests as coming from the client and not from the laptop router? I've never messed with routing with wireless before so I'm a bit lost. Any suggestions?

Thanks!
Bob_Robertson

May 26, 2008
12:14 PM EDT
echo "1" > /proc/sys/net/ipv4/ip_dynaddr echo "1" > /proc/sys/net/ipv4/ip_forward

iptables -P INPUT ACCEPT iptables -F INPUT iptables -P OUTPUT ACCEPT iptables -F OUTPUT iptables -P FORWARD DROP iptables -F FORWARD iptables -t nat -F

iptables -A INPUT -i eth1 -d 208.180.42.100 -j DROP

iptables -A FORWARD -i ath0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -i eth1 -o ath0 -j ACCEPT

iptables -t nat -A POSTROUTING -o ath0 -j MASQUERADE
techiem2

May 26, 2008
12:50 PM EDT
ok, so I assume in your example eth1 is the ethernet and ath0 is wireless you are routing to?
Bob_Robertson

May 26, 2008
1:28 PM EDT
Yes. eth1 is the local hard wire, ath0 is the wifi to which the ethernet is being routed.

The wifi is closed. The system being routed is hard wired to eth1.

I have not made the system into a wifi access point, just to make sure that that's not what you were trying to do.

Either way, you have to have some kind of NAT or bridging configuration in iptables in order for traffic to transverse the system. I prefer NAT just because I'm very accustomed to it.

techiem2

May 26, 2008
1:55 PM EDT
Thanks! That works perfectly! Now I just have to figure out what's wrong with my shorewall config....
techiem2

May 26, 2008
2:09 PM EDT
Aha! I had to set the masq interfaces in the shorewall config.

Yay! my laptop is a lan to wlan router now!

hehe.

Bob_Robertson

May 27, 2008
6:10 AM EDT
Hmmm.... Just for the record, you can take out that "208.180.42.100 -j DROP" line.

(Bob strolls off, scratching his head as to why he put a drop statement in that points to a DNS server...)

techiem2

May 27, 2008
8:34 AM EDT
lol. Yeah, I ignored that line when I was testing your raw iptables lines since I wasn't sure what you were trying to drop packets going to.

You cannot post until you login.