USB Networking vs. iptables

Christian Weßel wesselch at gmx.net
Thu Sep 18 19:22:29 CEST 2008 

Hello mokos,

I just have a DNS problem, I try to configure my FC6 following the guide
http://wiki.openmoko.org/wiki/USB_Networking#Proxying_with_iptables
because I have a simple static environment for my FR.

FR.usb.ip = 192.168.0.202
server.usb.ip = 192.168.0.200
server.eth.ip = 192.168.1.10
router.eth.ip = 192.168.1.254
DNS.ip = 212.6.108.140

on server:
[root at server ~]# cat /etc/resolv.conf 
search home
nameserver 212.6.108.140
nameserver 212.6.108.141

[root at server ~]# iptables -L -t nat --line-numbers -n
Chain PREROUTING (policy ACCEPT)
num  target     prot opt source               destination         
1    DNAT       tcp  --  192.168.0.202        192.168.0.200       tcp
dpt:53 to:212.6.181.140 
2    DNAT       udp  --  192.168.0.202        192.168.0.200       udp
dpt:53 to:212.6.181.140 

Chain POSTROUTING (policy ACCEPT)
num  target     prot opt source               destination         
1    MASQUERADE  all  --  192.168.0.0/24       0.0.0.0/0           

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

on FR:
root at om-gta02:~# cat /etc/resolv.conf 
nameserver 192.168.0.200

root at om-gta02:~# ping 74.125.19.147 -c 1
PING 74.125.19.147 (74.125.19.147): 56 data bytes
64 bytes from 74.125.19.147: seq=0 ttl=236 time=182.480 ms

--- 74.125.19.147 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 182.480/182.480/182.480 ms

root at om-gta02:~# nslookup www.google.com
Server:    192.168.0.200
Address 1: 192.168.0.200

nslookup: can't resolve 'www.google.com'

For me the masqueration seems to be fine, just something with DNAT is
wrong.
If I change the FR.resolv.conf to 'nameserver 212.6.181.140' it also not
working.

But what's wrong?

BTW: I got no SElinux security alerts, neither in secure nor in
messages.
-- 

mfg/br, christian

Flurstraße 14
29640 Schneverdingen
Germany

E-Mail: wesselch at gmx.net
Telefon: +49 5193 97 14 95
Mobile:  +49 171 357 59 57
http://wesselch.homelinux.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://lists.openmoko.org/pipermail/community/attachments/20080918/ddfaf47c/attachment.pgp

More information about the community mailing list