Netfilter - Iptables Help


gerb
08-03-2002, 04:39 PM
I've decided to take a different approach to what I wrote earlier. Sorry for changing it up for those 9 views...


Objective: Sharing the PPPoE connection through a Linux gateway to the Windows network using iptables.

Network:

internal: 192.168.0.X working
external: eth1/ppp0 (?) working
sharing: eth1/ppp0 -> eth0 -> network not working

Problems:

I've tried most of the iptables examples on linuxguruz.org's iptables script repository, and have read through about 5 pages of searched material on the forums here. None seem to work for me.

Questions:

If I wanted to let the internal computers see the internet and vice versa, what would be a good chain/rule setup?


Chain ????? (policy ???????)
target prot opt source destination
????? ??? ?? ??????? ????????


What would be the chain, policy, target, source, etc ... if I wanted to share eth1/ppp0 with what is on the other side of eth0?

I'm not sure, this is just a different way to look at the problem by trying to figure out the ends, and then finding the means.

Thanks a lot!

gdominguez
08-03-2002, 08:40 PM
Do you have 2 NICs on your Linux box? eth0 would have the private IP address and eth1 the public one, with eth1 connecting to your ISP's router, and you have enabled IP forwarding.

If this is not the case, I'm having problems understanding what you are trying to do.

Have you looked at a Squid solution? It could be what you are looking for.

WarMachine
08-04-2002, 02:07 AM
I have the same setup. AIM me (teh WarMachine) if you want to see my configuration files or have a bunch of quick questions.

WarMachine
08-04-2002, 11:25 PM
Actually, I probably won't be on that screen name. Drop me a PM if you still need help; I'll give you a sure-fire way to contact me if you need config files. I think this one is most essential to you, my iptables script:


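#!/bin/sh
adsl="/usr/sbin/adsl-start"
IPTABLES="/sbin/iptables"
# Bring up the PPPoE link first so that ppp0 exists
$adsl
# Flush all rules and delete user-defined chains in the filter and nat tables
$IPTABLES -F
$IPTABLES --table nat --flush
$IPTABLES --delete-chain
$IPTABLES --table nat --delete-chain
# Masquerade everything that leaves through ppp0
$IPTABLES --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE
# Forward anything that arrives from the LAN side (eth0)
$IPTABLES --append FORWARD --in-interface eth0 -j ACCEPT
# Turn on IP forwarding in the kernel
echo 1 > /proc/sys/net/ipv4/ip_forward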


Let's explain what all that does. Note this is my ORIGINAL script I drew up for this; there might be better ways to do this, but if it ain't broke don't fix it.
You might also ask how this gets loaded on boot. Gentoo (my distro of choice) allows for interfaces to be brought up easily on boot by adding them to a certain runlevel. I know my net.eth1 is my FINAL interface brought up, so I added an include after the start() section in which this got called. Remember to chmod a+x the file you put this in so it can be executed as a script. The part that is most important is that adsl-start is done before you try to set your "to the internet" interface. If you're using PPPoE, your out interface should be ppp0. Also note on this, eth1 was for PPPoE, eth0 went to my switch.
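
Added example, not part of WarMachine's post: the script above leaves the FORWARD policy as it finds it and masquerades any source, so this variant sets FORWARD to DROP, lets only LAN-originated traffic and its replies through, and clamps TCP MSS for the PPPoE link. The 192.168.0.0/24 mask and the helper names gateway_rules / apply_gateway_rules are assumptions made for the example.

```shell
#!/bin/sh
# Added example: stricter variant of the gateway script in the thread.
# Assumptions (not from the thread): the LAN is 192.168.0.0/24, and the
# helper names gateway_rules / apply_gateway_rules are made up here.
IPTABLES="${IPTABLES:-/sbin/iptables}"

# Print the rule set, one iptables command per line, without running it.
# $1 = LAN interface, $2 = Internet interface, $3 = LAN subnet
gateway_rules() {
    lan_if="$1"; wan_if="$2"; lan_net="$3"
    cat <<EOF
$IPTABLES -F
$IPTABLES -X
$IPTABLES -t nat -F
$IPTABLES -t nat -X
$IPTABLES -t mangle -F
$IPTABLES -P FORWARD DROP
$IPTABLES -A FORWARD -i $lan_if -o $wan_if -s $lan_net -j ACCEPT
$IPTABLES -A FORWARD -i $wan_if -o $lan_if -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -t mangle -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
$IPTABLES -t nat -A POSTROUTING -o $wan_if -s $lan_net -j MASQUERADE
EOF
}

# Install the rules, then enable forwarding only if every rule loaded.
# Needs root.
apply_gateway_rules() {
    gateway_rules "$@" | sh -e && echo 1 > /proc/sys/net/ipv4/ip_forward
}

# "preview" prints the commands for review; "apply" (as root) installs them.
case "${1:-}" in
    preview) gateway_rules eth0 ppp0 192.168.0.0/24 ;;
    apply)   apply_gateway_rules eth0 ppp0 192.168.0.0/24 ;;
esac
```

Run it with `preview` first and compare the output against `iptables -S` after applying; as in the original script, adsl-start has to have brought ppp0 up before the rules are useful.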