From: Edmundo Carmona <eantoranz@gmail.com>
To: netfilter@lists.netfilter.org
Subject: Re: Fwd: Route packets from an interface to another
Date: Sun, 11 Sep 2005 18:20:20 -0400 [thread overview]
Message-ID: <65aa6af905091115205648893f@mail.gmail.com> (raw)
In-Reply-To: <65aa6af9050911151962bc24a2@mail.gmail.com>
and then again I forgot to send the mail to the netfilter list. I'll
have to find a way to solve this problem.
On 9/11/05, Edmundo Carmona <eantoranz@gmail.com> wrote:
> Well.. just as I said.. if the boxes in the eth0 lan know how to reach
> the boxes, then you have to do nothing else (translation: if the boxes
> in the 192.168.2/24 network know that the router to reach the
> 192.168.3/24 network is te box we're talking about [it's eth0 IP, of
> course).... or it's default gateway knows... for that matter), then
> you are done.
>
> And when you configure an interface's IP (and netmask if needed), no
> default GW is set. Only the broadcast address... right?
>
>
>
> On 9/12/05, Rudi Starcevic <tech@wildcash.com> wrote:
> > Edmundo,
> >
> >
> > > Is that of any help?
> > Indeed yes ... many thanks.
> >
> > > I will assume you want to be able to have traffic between your two lans, right?
> > Yes. Once that is in place I'm interested in restricting the IPs who
> > travers the two networks.
> >
> > >
> > > I will delete your routing tables.
> > >
> > > I will flush all routing from the default table.
> > >
> > > Set eth0 and eth1:
> > > ifconfig eth0 blah blah
> > > ifconfig eth1 blah blah
> > >
> > > set the default gw
> > > ip route add default via gwIP
> > >
> > > let's enable forward between both interfaces:
> > > echo "1" > /proc/blah/blah/ip_forward
> > >
> > > I don't remember if eth0 is the lan with the internet router... or eth1
> >
> > It's eth0.
> >
> > >
> > > I will assume it's eth1 for this next paragraph.
> > >
> > > here's a thing you have to consider. If the boxes in the eth1 lan know
> > > how to reach the boxes in eth0 lan (that means, they know they have to
> > > use you as the router for that network), then you have to do nothing
> > > else. You will have traffic traversing between both networks. If they
> > > don't, then masquerade traffic going out eth1.
> > >
> > > There are a couple of aditional details.... but I guess that's the
> > > "core" of the problem.
> >
> > Awesome .. thanks again .. just the advice I was hoping to gain.
> >
> > I hope to build a ruleset that doesn't need Masquerading between
> > interfaces, but as we know that belongs to the LARTC list.
> >
> > Regards,
> > Rudi.
> >
> >
> >
> >
> >
>
next prev parent reply other threads:[~2005-09-11 22:20 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-09-09 19:51 Route packets from an interface to another Jonathan
2005-09-09 21:36 ` /dev/rob0
2005-09-09 21:18 ` Jonathan
2005-09-10 4:45 ` /dev/rob0
2005-09-10 7:54 ` /dev/rob0
2005-09-12 7:56 ` Jonathan
2005-09-13 1:45 ` /dev/rob0
2005-09-12 13:36 ` Rudi Starcevic
[not found] ` <65aa6af905091114314108597e@mail.gmail.com>
2005-09-11 21:32 ` Fwd: " Edmundo Carmona
2005-09-12 14:39 ` Rudi Starcevic
[not found] ` <65aa6af9050911145833fa12fd@mail.gmail.com>
2005-09-11 21:58 ` Edmundo Carmona
2005-09-12 15:06 ` Fwd: " Rudi Starcevic
[not found] ` <65aa6af9050911151962bc24a2@mail.gmail.com>
2005-09-11 22:20 ` Edmundo Carmona [this message]
2005-09-12 15:19 ` Rudi Starcevic
2005-09-11 21:34 ` /dev/rob0
2005-09-12 14:47 ` Rudi Starcevic
2005-09-12 14:51 ` Rudi Starcevic
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=65aa6af905091115205648893f@mail.gmail.com \
--to=eantoranz@gmail.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.