- Posts: 8
- Thank you received: 0
Cofiguring a Proxy
18 years 3 months ago #15092
by nske
Replied by nske on topic Re: Cofiguring a Proxy
Allright, here's what I assume, if I'm wrong somewhere correct me:
- Your PC-A has two network interfaces, the first is connected to a gateway that provides a way to the internet (192.168.2.1), and the second interface is connected to PC-B (192.168.2.51).
- 192.168.2.52 is the address of your PC-A, assigned to one of the two interfaces
- PC-A has already access to the internet, after you add the proper route and define DNS servers [code:1]# route delete default
# route add default gw 192.168.2.1
# echo "nameserver x.x.x.x" > /etc/resolv.conf[/code:1]
- You want PC-B, to be able to find it's way to the internet
For this you do not need IPtables (you would only need them if you had to do NAT, however from what I understood you already have a router that does that). In any case, the first thing you should do is assign network addresses on seperate networks on both of your interfaces. That is, make a seperate network for the first interface of PC-A and the router (i.e. 192.168.2.0/24) and an other one for the second interface of PC-A and PC-B that is connected on it (i.e. 192.168.3.0/24).
Then make sure IP forwarding capability on PC-A is enabled, and if not activate it:
[code:1]# cat /proc/sys/net/ipv4/ip_forward
# echo "1" > /proc/sys/net/ipv4/ip_forward[/code:1]
Finally configure your router with address 192.168.0.1, to forward any traffic (replies) for 192.168.0.0/16 to PC-A.
Now PC-B (provided that it has correctly configured gateway and DNS server) should be able to find it's way to the internet.
You can of course manipulate traffic through iptables any way you want, but take your time to familiarize first, because it's not a small chapter
The place to begin exploring IPtables is the documentation section of netfilter.org . If you have any question down the road we'll gladly help as best as we can
- Your PC-A has two network interfaces, the first is connected to a gateway that provides a way to the internet (192.168.2.1), and the second interface is connected to PC-B (192.168.2.51).
- 192.168.2.52 is the address of your PC-A, assigned to one of the two interfaces
- PC-A has already access to the internet, after you add the proper route and define DNS servers [code:1]# route delete default
# route add default gw 192.168.2.1
# echo "nameserver x.x.x.x" > /etc/resolv.conf[/code:1]
- You want PC-B, to be able to find it's way to the internet
For this you do not need IPtables (you would only need them if you had to do NAT, however from what I understood you already have a router that does that). In any case, the first thing you should do is assign network addresses on seperate networks on both of your interfaces. That is, make a seperate network for the first interface of PC-A and the router (i.e. 192.168.2.0/24) and an other one for the second interface of PC-A and PC-B that is connected on it (i.e. 192.168.3.0/24).
Then make sure IP forwarding capability on PC-A is enabled, and if not activate it:
[code:1]# cat /proc/sys/net/ipv4/ip_forward
# echo "1" > /proc/sys/net/ipv4/ip_forward[/code:1]
Finally configure your router with address 192.168.0.1, to forward any traffic (replies) for 192.168.0.0/16 to PC-A.
Now PC-B (provided that it has correctly configured gateway and DNS server) should be able to find it's way to the internet.
You can of course manipulate traffic through iptables any way you want, but take your time to familiarize first, because it's not a small chapter
The place to begin exploring IPtables is the documentation section of netfilter.org . If you have any question down the road we'll gladly help as best as we can
18 years 3 months ago #15093
by monsky
Replied by monsky on topic Re: Cofiguring a Proxy
hi alerizwe,
i agree with nske. i got the same question before and nske has explained well the requirements that you should not be missed out.
and take note of the ip forwarding:
i agree with nske. i got the same question before and nske has explained well the requirements that you should not be missed out.
- PC-A has already access to the internet, after you add the proper route and define DNS servers
Code:
# route delete default
# route add default gw 192.168.2.1
# echo "nameserver x.x.x.x" > /etc/resolv.conf
- You want PC-B, to be able to find it's way to the internet
and take note of the ip forwarding:
Then make sure IP forwarding capability on PC-A is enabled, and if not activate it:
Code:
# cat /proc/sys/net/ipv4/ip_forward
# echo "1" > /proc/sys/net/ipv4/ip_forward
18 years 3 months ago #15096
by alerizwe
Replied by alerizwe on topic Thnx but.....
Thnx for such a detailed reply but unfortunately i cudnt explain properly i guess
i want 192.168.2.52 to route all its traffic to my pc 192.168.2.51 and as my
pc has default gate of 192.168.2.1 i think the traffic of 192.168.2.52 will reach 192.168.2.1having my machine (192.168.2.52) acting as a middleman. This machine(192.168.2.1) is connected to router via switch through an interface having a global IP.
I want 192.168.2.52 to reach internet going through my machine( 192.168.2.52)
and as i ve only ONE NIC CARD isnt it so that its traffic will then be routed to 192.168.2.1 ( whiich is my pc's default gateway :S)
Hope u guys got wht i want now.
i want 192.168.2.52 to route all its traffic to my pc 192.168.2.51 and as mypc has default gate of 192.168.2.1 i think the traffic of 192.168.2.52 will reach 192.168.2.1having my machine (192.168.2.52) acting as a middleman. This machine(192.168.2.1) is connected to router via switch through an interface having a global IP.
I want 192.168.2.52 to reach internet going through my machine( 192.168.2.52)
and as i ve only ONE NIC CARD isnt it so that its traffic will then be routed to 192.168.2.1 ( whiich is my pc's default gateway :S)
Hope u guys got wht i want now.
18 years 3 months ago #15105
by nske
You will need to have two NIC on your PC to do what you want. Routing, by definition, involves more than one seperate networks. It might work if you use virtual interfaces, however it would get unnecessarily complicated for beggining, and it is an inappropriate practice for real use anyway. I suggest you just add a second NIC (you might be able to find some used, even for as low as 1-2$).
However if you still want to give it a try, you can create a virtual interface on PC-A through ifconfig (i.e. ifconfig eth0:1 192.168.3.1 netmask 255.255.255.0), assign an address on the same network on your PC-B, and define 192.168.3.1 as the default gateway on it. The rest of the confguration is just like Monsky quoted. I'm not sure if that would work since there are a couple of things involved, but even if it works remember it's only appropriate for testing
PS. You might need to define a different MAC address on your virtual interface, you can do this using the "hw class" argument of ifconfig (for more information check man 8 ifconfig).
Replied by nske on topic Re: Cofiguring a Proxy
as i ve only ONE NIC CARD
You will need to have two NIC on your PC to do what you want. Routing, by definition, involves more than one seperate networks. It might work if you use virtual interfaces, however it would get unnecessarily complicated for beggining, and it is an inappropriate practice for real use anyway. I suggest you just add a second NIC (you might be able to find some used, even for as low as 1-2$).
However if you still want to give it a try, you can create a virtual interface on PC-A through ifconfig (i.e. ifconfig eth0:1 192.168.3.1 netmask 255.255.255.0), assign an address on the same network on your PC-B, and define 192.168.3.1 as the default gateway on it. The rest of the confguration is just like Monsky quoted. I'm not sure if that would work since there are a couple of things involved, but even if it works remember it's only appropriate for testing
PS. You might need to define a different MAC address on your virtual interface, you can do this using the "hw class" argument of ifconfig (for more information check man 8 ifconfig).
Time to create page: 0.163 seconds