USB Networking vs. iptables

Dennis Ferron dennis.ferron at gmail.com
Thu Sep 18 21:15:12 CEST 2008


Instead of this:

tables -t nat -A PREROUTING -p tcp -s 192.168.0.202 -d 192.168.0.200
--dport domain -j DNAT --to-destination 192.168.0.1
iptables -t nat -A PREROUTING -p udp -s 192.168.0.202 -d 192.168.0.200
--dport domain -j DNAT --to-destination 192.168.0.1

Did you do/would you try this (on your server):

tables -t nat -A PREROUTING -p tcp -s 192.168.0.202 -d 192.168.0.200
--dport domain -j DNAT --to-destination 192.168.1.254
iptables -t nat -A PREROUTING -p udp -s 192.168.0.202 -d 192.168.0.200
--dport domain -j DNAT --to-destination 192.168.1.254

This assumes your router is set up as a DNS server.  Then in resolv.conf,
use your router at 192.168.1.254 as the DNS server, not any of those other
values.  That is (I think) similar to how I have mine configured at home.
 If you still have problems, I'll post my exact /etc conf files for you when
I get home.

On Thu, Sep 18, 2008 at 12:22 PM, Christian Weßel <wesselch at gmx.net> wrote:

> Hello mokos,
>
> I just have a DNS problem, I try to configure my FC6 following the guide
> http://wiki.openmoko.org/wiki/USB_Networking#Proxying_with_iptables
> because I have a simple static environment for my FR.
>
> FR.usb.ip = 192.168.0.202
> server.usb.ip = 192.168.0.200
> server.eth.ip = 192.168.1.10
> router.eth.ip = 192.168.1.254
> DNS.ip = 212.6.108.140
>
> on server:
> [root at server ~]# cat /etc/resolv.conf
> search home
> nameserver 212.6.108.140
> nameserver 212.6.108.141
>
> [root at server ~]# iptables -L -t nat --line-numbers -n
> Chain PREROUTING (policy ACCEPT)
> num  target     prot opt source               destination
> 1    DNAT       tcp  --  192.168.0.202        192.168.0.200       tcp
> dpt:53 to:212.6.181.140
> 2    DNAT       udp  --  192.168.0.202        192.168.0.200       udp
> dpt:53 to:212.6.181.140
>
> Chain POSTROUTING (policy ACCEPT)
> num  target     prot opt source               destination
> 1    MASQUERADE  all  --  192.168.0.0/24       0.0.0.0/0
>
> Chain OUTPUT (policy ACCEPT)
> num  target     prot opt source               destination
>
> on FR:
> root at om-gta02:~# cat /etc/resolv.conf
> nameserver 192.168.0.200
>
> root at om-gta02:~# ping 74.125.19.147 -c 1
> PING 74.125.19.147 (74.125.19.147): 56 data bytes
> 64 bytes from 74.125.19.147: seq=0 ttl=236 time=182.480 ms
>
> --- 74.125.19.147 ping statistics ---
> 1 packets transmitted, 1 packets received, 0% packet loss
> round-trip min/avg/max = 182.480/182.480/182.480 ms
>
> root at om-gta02:~# nslookup www.google.com
> Server:    192.168.0.200
> Address 1: 192.168.0.200
>
> nslookup: can't resolve 'www.google.com'
>
> For me the masqueration seems to be fine, just something with DNAT is
> wrong.
> If I change the FR.resolv.conf to 'nameserver 212.6.181.140' it also not
> working.
>
> But what's wrong?
>
> BTW: I got no SElinux security alerts, neither in secure nor in
> messages.
> --
>
> mfg/br, christian
>
> Flurstraße 14
> 29640 Schneverdingen
> Germany
>
> E-Mail: wesselch at gmx.net
> Telefon: +49 5193 97 14 95
> Mobile:  +49 171 357 59 57
> http://wesselch.homelinux.org
>
> _______________________________________________
> Openmoko community mailing list
> community at lists.openmoko.org
> http://lists.openmoko.org/mailman/listinfo/community
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openmoko.org/pipermail/community/attachments/20080918/b4fd81e7/attachment.htm 


More information about the community mailing list