Welcome to Linux Knowledge Base and Tutorial
"The place where you learn linux"

 Create an AccountHome | Submit News | Your Account  

Tutorial Menu
Linux Tutorial Home
Table of Contents

· Introduction to Operating Systems
· Linux Basics
· Working with the System
· Shells and Utilities
· Editing Files
· Basic Administration
· The Operating System
· The X Windowing System
· The Computer Itself
· Networking
· System Monitoring
· Solving Problems
· Security
· Installing and Upgrading
· Linux and Windows

Man Pages
Linux Topics
Test Your Knowledge

Site Menu
Site Map
Copyright Info
Terms of Use
Privacy Info
Masthead / Impressum
Your Account

Private Messages

News Archive
Submit News
User Articles
Web Links


The Web

Who's Online
There are currently, 52 guest(s) and 0 member(s) that are online.

You are an Anonymous user. You can register for free by clicking here



Current HOWTO: Masquerading-Simple-HOWTO

FAQ's - Frequently Asked Compla^H^H^H^H^H^H Questions

5. FAQ's - Frequently Asked Compla^H^H^H^H^H^H Questions

  • How do I list the rules I've got so far?

    - Try

    $> iptables -L
    $> iptables -t nat -L

  • It won't resolve IP's! I'm typing 'www.microsoft.com' in and it says it can't find it!

    - Make sure you add the dns server ip to all the clients.

  • It don't work! It doesn't like iptables / NAT / SNAT / MASQ

    - Go get the latest kernel, and compile with iptables and full NAT support.

  • It don't work! The masquerading doesn't work at all! Die scum!

    - Try echo 1 > /proc/sys/net/ipv4/ip_forward

  • It don't work! I can't use the network at all and I hate you!

    - Try

    $> iptables -F
    $> iptables -t nat -F
    $> iptables -t mangle -F

    (all rules went bye-bye) then rerun the other iptables rules.

    - Try iptables -P FORWARD ACCEPT

  • It still don't work!

    - Hmm, does "dmesg | tail" give any errors? or "cat /var/log/messages | tail" ? Like I care tho...

  • I don't get, it just ain't working!

    - I dunno.. but you should be able to:

    	1) From the gateway machine, ping the outside
    	2) From the gateway ping your internal machines
    	3) From the internal machines ping the gateway

    And this is before you play with masq'ing

  • Where do I put this stuff?

    - In the /etc/network/interfaces file, or firewall.rc. If you put it in the interfaces file, then put it as a pre-up to the external interface, and have "iptables -t nat -F" as the post-down.

  • How do I get it to only bring the ppp up on demand?

    - Assuming your ISP gateway IP is say for arguments sake, then append a line like this:


    to /etc/ppp/peers/provider at the end. (this is for dynamic IP - static IP would be my.external.ip.number: )

    Then at the end of that file add on a newline:


    Pppd will remain in the background to redial the connection on demand if it's dropped until you do an "ifdown ppp0" or a "poff", unless you add a "nopersist" option, in which case pppd will exit after the connection is up. You can also add on a new line "idle 600" to disconnect after 10 mins of idleness.

  • The connection keeps dropping!

    - First, do you have demand dialing? Is it just doing what it is supposed to? Check /etc/ppp/peers/provider, and make sure your dial up works fine before attempting masq'ing.

    - Secondly, if not, then perhaps, like me, something is going weird, and you need to fall back to Linux 2.4.3 and see if that works instead.. dunno why.

  • I hate doing this myself! I want a pre-made script and GUI and stuff.

    - Sure: http://shorewall.sourceforge.net/

    Eat your heart out!

  • Do I count Cable modems as static or dynamic IP's?

    - Good question.. might as well make it dynamic.

  • Do I count DHCP network cards as static or dynamic IP's?

    - They are dynamic.

  • How do I handle incomming services?

    - Try forwarding or redirecting the IP ports - again make sure you firewall this if needed.

  • From the clients, I can ping the linux gateway's external IP address, but can't access the internet.

    - Okay, try doing "rmmod iptable_filter" - more info on this as I get it.

    - Make sure your not running routed or gated - to check run "ps aux | grep -e routed -e gated".

    - Look at http://ipmasq.cjb.net

  • How can I view the connections establish? Something like netstat..

    - Try cat /proc/net/ip_conntrack

  • I need more squid info and routing and stuff!

    - Try the Advanced Routing HOWTO http://www.linuxdoc.org/HOWTO/Adv-Routing-HOWTO.html

  • This howto is crap! How do I yell at the guys who wrote this?

    - Go to #debian on irc.opensource.net and find and locate JohnFlux. - Mail me (JohnFlux) at tapselj0@cs.man.ac.uk

  • This howto is crap! How can I see better versions?

    - Try http://ipmasq.cjb.net

    - Consult the LDP Masq-HOWTO.

  • What else are you working on?

    Currently I'm writing a guide on linux on anti-missile-missiles-made-simple. There's no good guides on protecting your system from nuclear attacks for newbies. People seem to think its rocket science or something..

The Linux Tutorial completely respects the rights of authors and artists to decide for themselves if and how their works can be used, independent of any existing licenses. This means if you are the author of any document presented on this site and do no wish it to be displayed as it is on this site or do not wish it to be displayed at all, please contact us and we will do our very best to accommodate you. If we are unable to accommodate you, we will, at your request, remove your document as quickly as possible.

If you are the author of any document presented on this site and would like a share of the advertising revenue, please contact us using the standard Feedback Form.




Security Code
Security Code
Type Security Code

Don't have an account yet? You can create one. As a registered user you have some advantages like theme manager, comments configuration and post comments with your name.

Help if you can!

Amazon Wish List

Did You Know?
The Linux Tutorial can use your help.


Tell a Friend About Us

Bookmark and Share

Web site powered by PHP-Nuke

Is this information useful? At the very least you can help by spreading the word to your favorite newsgroups, mailing lists and forums.
All logos and trademarks in this site are property of their respective owner. The comments are property of their posters. Articles are the property of their respective owners. Unless otherwise stated in the body of the article, article content (C) 1994-2013 by James Mohr. All rights reserved. The stylized page/paper, as well as the terms "The Linux Tutorial", "The Linux Server Tutorial", "The Linux Knowledge Base and Tutorial" and "The place where you learn Linux" are service marks of James Mohr. All rights reserved.
The Linux Knowledge Base and Tutorial may contain links to sites on the Internet, which are owned and operated by third parties. The Linux Tutorial is not responsible for the content of any such third-party site. By viewing/utilizing this web site, you have agreed to our disclaimer, terms of use and privacy policy. Use of automated download software ("harvesters") such as wget, httrack, etc. causes the site to quickly exceed its bandwidth limitation and are therefore expressly prohibited. For more details on this, take a look here

PHP-Nuke Copyright © 2004 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Page Generation: 0.12 Seconds