Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: Cofiguring a Proxy

Cofiguring a Proxy 10 years 3 months ago #15078

  • alerizwe
  • alerizwe's Avatar
  • Offline
  • New Member
  • Posts: 8
  • Karma: 0
I am tryin to learn IPtables and for i connected a PC ( 192.168.2.51) i assigned it
192.168.2.52 (My PC)as its default gateway. My machine is connected to server 192.168.2.1.
Now 192.168.2.51 is unable to access INTERNET wht i shud do to enable it to access INTERNET. As i plan to install iptables on my machine n do some experiments.
The administrator has disabled public write access.

Re: Cofiguring a Proxy 10 years 3 months ago #15092

  • nske
  • nske's Avatar
  • Offline
  • Expert Member
  • Posts: 613
  • Karma: 0
Allright, here's what I assume, if I'm wrong somewhere correct me:

- Your PC-A has two network interfaces, the first is connected to a gateway that provides a way to the internet (192.168.2.1), and the second interface is connected to PC-B (192.168.2.51).

- 192.168.2.52 is the address of your PC-A, assigned to one of the two interfaces

- PC-A has already access to the internet, after you add the proper route and define DNS servers [code:1]# route delete default
# route add default gw 192.168.2.1
# echo "nameserver x.x.x.x" > /etc/resolv.conf[/code:1]

- You want PC-B, to be able to find it's way to the internet

For this you do not need IPtables (you would only need them if you had to do NAT, however from what I understood you already have a router that does that). In any case, the first thing you should do is assign network addresses on seperate networks on both of your interfaces. That is, make a seperate network for the first interface of PC-A and the router (i.e. 192.168.2.0/24) and an other one for the second interface of PC-A and PC-B that is connected on it (i.e. 192.168.3.0/24).

Then make sure IP forwarding capability on PC-A is enabled, and if not activate it:

[code:1]# cat /proc/sys/net/ipv4/ip_forward
# echo "1" > /proc/sys/net/ipv4/ip_forward[/code:1]

Finally configure your router with address 192.168.0.1, to forward any traffic (replies) for 192.168.0.0/16 to PC-A.

Now PC-B (provided that it has correctly configured gateway and DNS server) should be able to find it's way to the internet.

You can of course manipulate traffic through iptables any way you want, but take your time to familiarize first, because it's not a small chapter ;)

The place to begin exploring IPtables is the documentation section of netfilter.org. If you have any question down the road we'll gladly help as best as we can :)
The administrator has disabled public write access.

Re: Cofiguring a Proxy 10 years 3 months ago #15093

  • monsky
  • monsky's Avatar
  • Offline
  • Distinguished Member
  • Posts: 177
  • Karma: 0
hi alerizwe,

i agree with nske. i got the same question before and nske has explained well the requirements that you should not be missed out.

- PC-A has already access to the internet, after you add the proper route and define DNS servers
Code:
# route delete default
# route add default gw 192.168.2.1
# echo "nameserver x.x.x.x" > /etc/resolv.conf

- You want PC-B, to be able to find it's way to the internet

and take note of the ip forwarding:
Then make sure IP forwarding capability on PC-A is enabled, and if not activate it:

Code:
# cat /proc/sys/net/ipv4/ip_forward
# echo "1" > /proc/sys/net/ipv4/ip_forward

:)
The administrator has disabled public write access.

Thnx but..... 10 years 3 months ago #15096

  • alerizwe
  • alerizwe's Avatar
  • Offline
  • New Member
  • Posts: 8
  • Karma: 0
Thnx for such a detailed reply but unfortunately i cudnt explain properly i guess
:( i want 192.168.2.52 to route all its traffic to my pc 192.168.2.51 and as my
pc has default gate of 192.168.2.1 i think the traffic of 192.168.2.52 will reach 192.168.2.1having my machine (192.168.2.52) acting as a middleman. This machine(192.168.2.1) is connected to router via switch through an interface having a global IP.
I want 192.168.2.52 to reach internet going through my machine( 192.168.2.52)
and as i ve only ONE NIC CARD isnt it so that its traffic will then be routed to 192.168.2.1 ( whiich is my pc's default gateway :S)
Hope u guys got wht i want now.
The administrator has disabled public write access.

Re: Cofiguring a Proxy 10 years 3 months ago #15105

  • nske
  • nske's Avatar
  • Offline
  • Expert Member
  • Posts: 613
  • Karma: 0
as i ve only ONE NIC CARD

You will need to have two NIC on your PC to do what you want. Routing, by definition, involves more than one seperate networks. It might work if you use virtual interfaces, however it would get unnecessarily complicated for beggining, and it is an inappropriate practice for real use anyway. I suggest you just add a second NIC (you might be able to find some used, even for as low as 1-2$).

However if you still want to give it a try, you can create a virtual interface on PC-A through ifconfig (i.e. ifconfig eth0:1 192.168.3.1 netmask 255.255.255.0), assign an address on the same network on your PC-B, and define 192.168.3.1 as the default gateway on it. The rest of the confguration is just like Monsky quoted. I'm not sure if that would work since there are a couple of things involved, but even if it works remember it's only appropriate for testing ;)

PS. You might need to define a different MAC address on your virtual interface, you can do this using the "hw class" argument of ifconfig (for more information check man 8 ifconfig).
The administrator has disabled public write access.
Time to create page: 0.081 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup