Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: NAT via iptables - Won't work!!
Special Forums IP Networking NAT via iptables - Won't work!! Post 302948464 by alirezan1 on Monday 29th of June 2015 08:55:21 PM
Old 06-29-2015
Debian NAT via iptables - Won't work!!
Hi guys

I'm running on debian on a small embedded system. I have a ppp interface that is connected to the internet (and works). My unit also has wifi access point (which works and I can connect to it).

I want to allow connections to the wifi to be able to use the internet from ppp0 interface. So basically want to set up a router type system.
right now, when I connect to my device with my phone, I cannot use the wifi. But on the shell of the embedded system, I can ping, I can load pages, i can do all sorts of things.

Here is what I have set up for my IPtables:

Quote:

echo 1 > /proc/sys/net/ipv4/ip_forward

/sbin/iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
/sbin/iptables -A FORWARD -i ppp0 -o wlan1 -m state --state RELATED,ESTABLISHED -j ACCEPT
/sbin/iptables -A FORWARD -i wlan1 -o ppp0 -j ACCEPT

But i still can't browse internet on my phone.

Any ideas?

Thanks!


Am I
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

why won't this Work?

hey programmers! 1-why won't gcc accept as an argument? i tried the recommendations on the man page of getch(),..etc. nothing worked. 2-why it won't see <iostream> && <fstream> even if i implemented the function as follow std::cout<<"..etc"<<endl; 3-after i type this code in it gives... (6 Replies)
Discussion started by: mbabeli
6 Replies

2. UNIX for Advanced & Expert Users

iptables internal NAT with two public IP

Hello Guys, I have a debian machine that work as a firewall (iptables + squid 2.6) with two physical interfaces: eth0 (public interface) and eth1 (internal interface LAN). I have created an alias eth1:1 in order to have two subnets on same physical interface: cat/etc/network/interfaces auto... (0 Replies)
Discussion started by: sincity2006
0 Replies

3. UNIX for Dummies Questions & Answers

sed won't work

Hi All, can anybody tell me what's wrong with this code? # SEARCH replaced by REPLACE #!/bin/bash SEARCH="95$$ 0 t" REPLACE="95$$ 1 t" for I in `ls *000.inp | cut -c-12`; do echo $I sed 's/$SEARCH/$REPLACE/' ${I}-000.inp > ${I}-100.inp done It don't replace the string... (5 Replies)
Discussion started by: f_o_555
5 Replies

4. OS X (Apple)

Why won't the at command work in Mac OS X?

I typed: echo "echo hi > at_log.txt" | at now +1minute to test the at command on my terminal. I got the message: job 8 at Thu Feb 25 18:42:00 2010 I waited for a minute but nothing happened. I tried listing at_log.txt, but it said there was no such file. Am I doing something... (2 Replies)
Discussion started by: Ultrix
2 Replies

5. BSD

Install cd won't work

Hi! I'm sure that somebody here installed freeBSD from a download of a virtual disc (.iso). But I made 5 downloads of 5 differents freeBSD installation (and no one has worked).Can somebody tell me where to download and how (if needed) to prepare the cd? (8 Replies)
Discussion started by: maxum
8 Replies

6. UNIX for Dummies Questions & Answers

Images won't work?

Hello, Images won't work on UNIX when I try posting them on my website I'm working on. It doesn't show the image, and it's simply erroring. Help! Thanks! (5 Replies)
Discussion started by: yazan
5 Replies

7. Red Hat

NAT Loopback and iptables

Hello, please can you help and explain me. I have two servers. Both are RHEL6. I use the first one like router and the second one for apache. Router forwards 80 port on the second server and I can open that from the internet (mysite.com, for example). But I can not open mysite.com if i try to... (0 Replies)
Discussion started by: 6765656755
0 Replies

8. Cybersecurity

iptables in a NAT scenario

Hi, I am learning IPTables have this question. My server is behind a firewall that does a PAT & NAT to the LAN address. Internet IP: 68.1.1.23 Port: 10022 Server LAN IP: 10.1.1.23 port: 22 Allowed Internet IPs: 131.1.1.23, 132.1.1.23 I want to allow a set of IPs are to be able to... (1 Reply)
Discussion started by: capri_guy84
1 Replies

9. IP Networking

Nat and packet limits with iptables

Hi all, I have a following situation: - I want certain source IPs to be natted to a different destination IP and Port. Following is how I am achieving it: /usr/local/sbin/iptables -t nat -A PREROUTING -p tcp -s 192.168.10.12 --dport 1500 -j DNAT --to-destination 192.168.10.20:2000 ... (3 Replies)
Discussion started by: ahmerin
3 Replies

10. Cybersecurity

Openvpn nat and iptables

good day good people hi first to tell that firewall and vpn is working as expected, but I notice something strange. I have host system 11.11.11.11(local ip) firewall is blocking everything except port to vpn. I have vpn on virtualized system 22.22.22.22 (CentOS both host and virtual). ... (0 Replies)
Discussion started by: end
0 Replies

LEARN ABOUT CENTOS

iptables-xml

IPTABLES-XML(1) 						  iptables 1.4.21						   IPTABLES-XML(1)

NAME

       iptables-xml -- Convert iptables-save format to XML

SYNOPSIS

       iptables-xml [-c] [-v]

DESCRIPTION

       iptables-xml  is  used  to convert the output of iptables-save into an easily manipulatable XML format to STDOUT.  Use I/O-redirection pro-
       vided by your shell to write to a file.

       -c, --combine
	      combine consecutive rules with the same matches but different targets. iptables does not currently support more than one target  per
	      match,  so this simulates that by collecting the targets from consecutive iptables rules into one action tag, but only when the rule
	      matches are identical. Terminating actions like RETURN, DROP, ACCEPT and QUEUE are not combined with subsequent targets.

       -v, --verbose
	      Output xml comments containing the iptables line from which the XML is derived

       iptables-xml does a mechanistic conversion to a very expressive xml format; the only semantic considerations are for -g and -j  targets	in
       order to discriminate between <call> <goto> and <nane-of-target> as it helps xml processing scripts if they can tell the difference between
       a target like SNAT and another chain.

       Some sample output is:

       <iptables-rules>
	 <table name="mangle">
	   <chain name="PREROUTING" policy="ACCEPT" packet-count="63436" byte-count="7137573">
	     <rule>
	      <conditions>
	       <match>
		 <p>tcp</p>
	       </match>
	       <tcp>
		 <sport>8443</sport>
	       </tcp>
	      </conditions>
	      <actions>
	       <call>
		 <check_ip/>
	       </call>
	       <ACCEPT/>
	      </actions>
	     </rule>
	   </chain>
	 </table> </iptables-rules>

       Conversion from XML to iptables-save format may be done using the iptables.xslt script and xsltproc, or a custom program using  libxsltproc
       or similar; in this fashion:

       xsltproc iptables.xslt my-iptables.xml | iptables-restore

BUGS

       None known as of iptables-1.3.7 release

AUTHOR

       Sam Liddicott <azez@ufomechanic.net>

SEE ALSO

       iptables-save(8), iptables-restore(8), iptables(8)

iptables 1.4.21 														   IPTABLES-XML(1)
All times are GMT -4. The time now is 02:17 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy