You are not logged in.
I sometimes use my laptop as a router for one of my machines that isn't connected to a network, so that I can run updates etc. I used to do this successfully on my old laptop running Kubuntu, but now on Arch I'm having trouble getting it working.
The computer runs Debian squeeze and connects to the laptop via cable on eno1. The laptop is connected to my wireless network on wlp3s0.
I have dnsmasq installed and configured as follows:
interface=eno1
except-interface=wlp3s0
bind-interfaces
dhcp-range=192.168.0.50,192.168.0.150,12h
dhcp-option-force=208,f1:00:74:7e
dhcp-option-force=209,configs/common
dhcp-option-force=210,/srv/tftpboot/
dhcp-option-force=211,30i
dhcp-boot=pxelinux.0
enable-tftp
tftp-root=/srv/tftpbootThen I have this script which sets up routing:
#!/bin/bash
LAN_NIC=eno1
WAN_NIC=wlp3s0
sudo ip addr replace 192.168.0.1/255.255.255.0 $LAN_NIC
sudo systemctl start dnsmasq
sudo iptables -t nat -A POSTROUTING -o $WAN_NIC -j MASQUERADE
echo 1 | sudo tee /proc/sys/net/ipv4/ip_forwardAfter running these:
- eno1 isn't getting its IP via the script, but I was able to manually set it using NetworkManager, so that's not important right now
- DHCP is working, because the deb box gets an IP in the correct range
- The deb box gets a default gw of 192.168.01. I can ping the default gw.
- I can resolve hostnames from the deb box, so DNS is working.
- /procy/sys/net/ipv4/ip_forward is indeed 1
- the output of iptables -L is this:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:bootps
ACCEPT tcp -- anywhere anywhere tcp dpt:bootps
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere 192.168.122.0/24 ctstate RELATED,ESTABLISHED
ACCEPT all -- 192.168.122.0/24 anywhere
ACCEPT all -- anywhere anywhere
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
Chain OUTPUT (policy ACCEPT)
target prot opt source destination (the 192.168.122.0 stuff is related to libvirt, I believe).
however
- I can't ping anything beyond the default gw from the deb box. I get the first packet back with something about "Redirect Host", then Destination Host Unreachable for the rest of the packets.
- I can't download anything. It just says "no route to host".
What am I missing here?
Offline
Well, I got it working; I deleted eno1 from network manager's clutches, then set it's IP with good ol' ifconfig. Works just fine.
Can't figure out why the ip addr command doesn't seem to work, but hopefully ifconfig will stick around for a few more years.
Offline