[sisela] Sisela and IP Masquerading
Martin Ling
sisela@earth.li
Thu, 22 Jan 2004 01:00:04 +0000
On Wed, Jan 21, 2004 at 10:34:51PM +0000, s0233421 wrote:
>
> echo "1" > /proc/sys/net/ipv4/ip_forward
>
> iptables -A FORWARD -o eth0 -i eth1 -m state --state ESTABLISHED,RELATED
> -j ACCEPT
> iptables -A FORWARD -s 172.24.0.0/16 -o eth0 -j ACCEPT
> iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
I think you may have things muddled up in that first rule. I assume by
the second and third that the external interface you're routing and
masquerading onto is eth0, so should the rule to allow traffic on
established connections back not be -i eth0 -o eth1?
> Oh and can the 0.3a code be compiled from the 0.3 ? I'd like sisela to
> boot with "pcifix" automatically and have a feeling I'll have to compile
> it into the code.
The only changes in the 0.3a images currently lurking in the download
directory are updates to pimd.
The 'pcifix' boot option is the same as the normal one but with the
kernel parameter pci=biosirq. Add this to the end of the main 'append'
line in your syslinux.cfg to make this the default.
Martin
--
http://the.earth.li/~martin/