anyone know about linux masquerading?

I've got a linux machine that I'm trying to get to act as a switch/router/hub/whatever.

It has two machines attached to it, one on eth0 and the other on eth1.
Each machine can talk to the Linux box, and the Linux box can talk to each machine (via ping and http, in both directions).
But the two machines can't talk to each other.

So, on eth0 I have:
192.168.10.1 - linux
192.168.10.3 - xp1

And on eth1 I have:
192.168.0.1 - linux
192.168.0.2 - xp2

And I'm trying to find out how to make it so I can access xp1 from xp2, preferably via standard windows \\xp1\sharedfolders and RemoteDesktop methods. (Although xp2 is my MacBook Pro, so also runs OSX - I figure if I get Windows working first, I can deal with MacOS after)

I've been all over Google trying to find a good tutorial on masquerading and stuff, but nothing is working. (or making much sense)

Is anyone here able to offer some magic commands that will make it all work?

NetHosted Staff Joined: 22 Mar 2004 Posts: 5625

This really is a black art! It can be quite a pain in the you know where fiddling with iptables and route etc may I suggest and out-of-the-box linux router distro? I'm not familiar with one but I'm sure it has to exist somewhere out there on the web.

If you want to get it working on your existing setup I've always found tldp to be quite handy:

http://tldp.org/HOWTO/IP-Masquerade-HOWTO/

Andrew

Posted: Mon Jun 18, 2007 9:09 pm Post subject:

Thanks.

The problem with an OotB router distro is that I need several other things too, and I don't want to have to worry about compiling sources. (I'm using Slax, which means I can just use nicely packaged modules, no need to worry about all that make stuff)

Someone else suggested that same page to me, and I tried the script in 3.4.1 but it gave various errors.

They also gave another page, and I think I've managed to get it working in one direction using Step 3 from here:
http://www.cyberciti.biz/tips/linux-as-router-for-dsl-t1-line-etc.html

But I can't manage to get it going in the other direction, which is more important.

After I've eaten I'll try the tldp one again and see if I can debug the error messages.

NetHosted Staff Joined: 22 Mar 2004 Posts: 5625

Sorry I can't be of much assistance on this one, your situation probably isn't unique so hopefully you'll get help from other sources (linuxquestions, mailing lists etc)

I look forward to reading of the happy ending!

Andrew

Posted: Mon Jun 18, 2007 10:22 pm Post subject:

Yeah, got threads on linuxquestions.org and linuxforum.com, so hopefully something useful will come from one of them.

Once I get it working I'll try and remember to post my solution here.

Posted: Mon Jun 18, 2007 10:27 pm Post subject:

Peter,

If you have access to a copy of the Linux Quick Fix Notebook by Peter Harrison that has a good chapter on iptables with a section which specifically covers masquerading.

On the other hand if you are prepared to go ootb then I would guess that Smoothwall

could be fairly easily configured to meet your requirements. It does however take over the whole machine.

Regards,

Pete