Ergebnis 1 bis 6 von 6

Thema: opensuse 13.2 als Internet Gateway Server

  1. #1
    Registrierter Benutzer
    Registriert seit
    Mar 2013
    Beiträge
    5

    opensuse 13.2 als Internet Gateway Server

    Hallo

    ich komme nicht weiter, sehe den Wald vor Bäumen nicht.

    Möchte meine Workstation als Internet Gateway Server einrichten.

    Fritzbox(197.168.178.1) per Wlan --> Workstation --> Lan PC1
    ||
    Lan PC1

    Workstation hat DHCP 192.168.1.1 - 192168.1.101

    Yast Networksettings





    Firewall



    Code:
    linux-desktop:/home/jojo # route -n
    Kernel IP Routentabelle
    Ziel            Router          Genmask         Flags Metric Ref    Use Iface
    0.0.0.0         192.168.178.1   0.0.0.0         UG    0      0        0 wlp0s29f7u2
    192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
    192.168.178.0   0.0.0.0         255.255.255.0   U     0      0        0 wlp0s29f7u2
    collectNWData.txt
    http://pastebin.com/mFM3JZCV

    Was muss ich nun am Routing oder in den Networksettings änder damit pc1 und pc2 Internetzugriff haben.

    Danke

    auch: http://forum.linux-club.de/viewtopic.php?f=86&t=119650

  2. #2
    Registrierter Benutzer
    Registriert seit
    Sep 2003
    Beiträge
    2.912
    was bringt das cross-posting?

    fordward aktiviert?
    ausgabe von iptables -L
    ....

  3. #3
    Registrierter Benutzer Avatar von drcux
    Registriert seit
    Oct 2003
    Beiträge
    6.836
    Du hast in der Firewalleinstellung beide Interfaces auf "external", somit kannst du kein Masquerading aktivieren. Text lesen...

  4. #4
    Registrierter Benutzer
    Registriert seit
    Mar 2013
    Beiträge
    5
    Zitat Zitat von muell200 Beitrag anzeigen

    fordward aktiviert?
    ausgabe von iptables -L
    IPv4 Forwarding yes

    Code:
    iptables -L
    Chain INPUT (policy DROP)
    target     prot opt source               destination         
    ACCEPT     all  --  anywhere             anywhere            
    ACCEPT     all  --  anywhere             anywhere             ctstate ESTABLISHED
    ACCEPT     icmp --  anywhere             anywhere             ctstate RELATED
    input_int  all  --  anywhere             anywhere            
    input_ext  all  --  anywhere             anywhere            
    LOG        all  --  anywhere             anywhere             limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix "SFW2-IN-ILL-TARGET "
    DROP       all  --  anywhere             anywhere            
    
    Chain FORWARD (policy DROP)
    target     prot opt source               destination         
    TCPMSS     tcp  --  anywhere             anywhere             tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
    forward_int  all  --  anywhere             anywhere            
    forward_ext  all  --  anywhere             anywhere            
    forward_ext  all  --  anywhere             anywhere            
    LOG        all  --  anywhere             anywhere             limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix "SFW2-FWD-ILL-ROUTING "
    DROP       all  --  anywhere             anywhere            
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination         
    ACCEPT     all  --  anywhere             anywhere            
    
    Chain forward_ext (2 references)
    target     prot opt source               destination         
    ACCEPT     icmp --  anywhere             anywhere             ctstate RELATED,ESTABLISHED icmp echo-reply
    ACCEPT     icmp --  anywhere             anywhere             ctstate RELATED,ESTABLISHED icmp destination-unreachable
    ACCEPT     icmp --  anywhere             anywhere             ctstate RELATED,ESTABLISHED icmp time-exceeded
    ACCEPT     icmp --  anywhere             anywhere             ctstate RELATED,ESTABLISHED icmp parameter-problem
    ACCEPT     icmp --  anywhere             anywhere             ctstate RELATED,ESTABLISHED icmp timestamp-reply
    ACCEPT     icmp --  anywhere             anywhere             ctstate RELATED,ESTABLISHED icmp address-mask-reply
    ACCEPT     icmp --  anywhere             anywhere             ctstate RELATED,ESTABLISHED icmp protocol-unreachable
    ACCEPT     icmp --  anywhere             anywhere             ctstate RELATED,ESTABLISHED icmp redirect
    ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
    ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
    DROP       all  --  anywhere             anywhere             PKTTYPE = multicast
    DROP       all  --  anywhere             anywhere             PKTTYPE = broadcast
    LOG        tcp  --  anywhere             anywhere             limit: avg 3/min burst 5 tcp flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix "SFW2-FWDext-DROP-DEFLT "
    LOG        icmp --  anywhere             anywhere             limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix "SFW2-FWDext-DROP-DEFLT "
    LOG        udp  --  anywhere             anywhere             limit: avg 3/min burst 5 ctstate NEW LOG level warning tcp-options ip-options prefix "SFW2-FWDext-DROP-DEFLT "
    DROP       all  --  anywhere             anywhere            
    
    Chain forward_int (1 references)
    target     prot opt source               destination         
    ACCEPT     icmp --  anywhere             anywhere             ctstate RELATED,ESTABLISHED icmp echo-reply
    ACCEPT     icmp --  anywhere             anywhere             ctstate RELATED,ESTABLISHED icmp destination-unreachable
    ACCEPT     icmp --  anywhere             anywhere             ctstate RELATED,ESTABLISHED icmp time-exceeded
    ACCEPT     icmp --  anywhere             anywhere             ctstate RELATED,ESTABLISHED icmp parameter-problem
    ACCEPT     icmp --  anywhere             anywhere             ctstate RELATED,ESTABLISHED icmp timestamp-reply
    ACCEPT     icmp --  anywhere             anywhere             ctstate RELATED,ESTABLISHED icmp address-mask-reply
    ACCEPT     icmp --  anywhere             anywhere             ctstate RELATED,ESTABLISHED icmp protocol-unreachable
    ACCEPT     icmp --  anywhere             anywhere             ctstate RELATED,ESTABLISHED icmp redirect
    ACCEPT     all  --  anywhere             anywhere             ctstate NEW,RELATED,ESTABLISHED
    ACCEPT     all  --  anywhere             anywhere             ctstate NEW,RELATED,ESTABLISHED
    DROP       all  --  anywhere             anywhere             PKTTYPE = multicast
    DROP       all  --  anywhere             anywhere             PKTTYPE = broadcast
    LOG        tcp  --  anywhere             anywhere             limit: avg 3/min burst 5 tcp flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix "SFW2-FWDint-DROP-DEFLT "
    LOG        icmp --  anywhere             anywhere             limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix "SFW2-FWDint-DROP-DEFLT "
    LOG        udp  --  anywhere             anywhere             limit: avg 3/min burst 5 ctstate NEW LOG level warning tcp-options ip-options prefix "SFW2-FWDint-DROP-DEFLT "
    reject_func  all  --  anywhere             anywhere            
    
    Chain input_ext (1 references)
    target     prot opt source               destination         
    DROP       all  --  anywhere             anywhere             PKTTYPE = broadcast
    ACCEPT     icmp --  anywhere             anywhere             icmp source-quench
    ACCEPT     icmp --  anywhere             anywhere             icmp echo-request
    LOG        tcp  --  anywhere             anywhere             limit: avg 3/min burst 5 tcp dpt:domain flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix "SFW2-INext-ACC-TCP "
    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:domain
    LOG        tcp  --  anywhere             anywhere             limit: avg 3/min burst 5 tcp dpt:ndl-aas flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix "SFW2-INext-ACC-TCP "
    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ndl-aas
    LOG        tcp  --  anywhere             anywhere             limit: avg 3/min burst 5 tcp dpt:ssh flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix "SFW2-INext-ACC-TCP "
    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh
    ACCEPT     udp  --  anywhere             anywhere             udp dpt:domain
    DROP       all  --  anywhere             anywhere             PKTTYPE = multicast
    DROP       all  --  anywhere             anywhere             PKTTYPE = broadcast
    LOG        tcp  --  anywhere             anywhere             limit: avg 3/min burst 5 tcp flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix "SFW2-INext-DROP-DEFLT "
    LOG        icmp --  anywhere             anywhere             limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix "SFW2-INext-DROP-DEFLT "
    LOG        udp  --  anywhere             anywhere             limit: avg 3/min burst 5 ctstate NEW LOG level warning tcp-options ip-options prefix "SFW2-INext-DROP-DEFLT "
    DROP       all  --  anywhere             anywhere            
    
    Chain input_int (1 references)
    target     prot opt source               destination         
    ACCEPT     all  --  anywhere             anywhere            
    
    Chain reject_func (1 references)
    target     prot opt source               destination         
    REJECT     tcp  --  anywhere             anywhere             reject-with tcp-reset
    REJECT     udp  --  anywhere             anywhere             reject-with icmp-port-unreachable
    REJECT     all  --  anywhere             anywhere             reject-with icmp-proto-unreachable

  5. #5
    Registrierter Benutzer
    Registriert seit
    Mar 2013
    Beiträge
    5
    Zitat Zitat von drcux Beitrag anzeigen
    Du hast in der Firewalleinstellung beide Interfaces auf "external", somit kannst du kein Masquerading aktivieren. Text lesen...
    habe jetzt eth0 auf Internal Zone gesetzt

    aber keine Änderung die Route geht nicht durch

  6. #6
    Registrierter Benutzer
    Registriert seit
    Mar 2013
    Beiträge
    5
    Gateway funktioniert nun , keine Ahnung wo der Fehler war

Ähnliche Themen

  1. OpenSuSe 10.2 alt Gateway einrichten
    Von Der Techniker im Forum Anbindung an die Aussenwelt
    Antworten: 4
    Letzter Beitrag: 10.07.07, 13:11
  2. Internet über Gateway !
    Von Hastig im Forum Router und Netzaufbau
    Antworten: 11
    Letzter Beitrag: 31.05.03, 14:55
  3. Gateway ins Internet
    Von Noiseboy im Forum Router und Netzaufbau
    Antworten: 2
    Letzter Beitrag: 09.01.03, 16:27
  4. Linux Internet-Gateway - ich geb's auf
    Von rolux im Forum Router und Netzaufbau
    Antworten: 88
    Letzter Beitrag: 28.08.02, 13:04
  5. internet gateway und firewall
    Von thenewbie im Forum Anbindung an die Aussenwelt
    Antworten: 1
    Letzter Beitrag: 06.04.02, 12:49

Lesezeichen

Berechtigungen

  • Neue Themen erstellen: Nein
  • Themen beantworten: Nein
  • Anhänge hochladen: Nein
  • Beiträge bearbeiten: Nein
  •