Internet Sharing from a mobile
Benoit durand
bendrd at gmail.com
Thu Nov 12 12:12:05 UTC 2009
hello,
I want to share my internet connnexion since my internet access from my
mobile
my notebook ubuntu 9.10 is connected on internet.
eth0 : static 192.168.10.3
eth1 : dhcp : 192.168.0.103
# ifconfig
eth0 Link encap:Ethernet HWaddr 00:16:d4:48:b5:cf
inet adr:192.168.10.3 Bcast:192.168.10.255 Masque:255.255.255.0
adr inet6: fe80::216:d4ff:fe48:b5cf/64 Scope:Lien
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Packets reçus:327 erreurs:0 :0 overruns:0 frame:0
TX packets:433 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 lg file transmission:1000
Octets reçus:47329 (47.3 KB) Octets transmis:49553 (49.5 KB)
Interruption:16
eth1 Link encap:Ethernet HWaddr 80:00:60:0f:e8:00
inet adr:192.168.0.103 Bcast:192.168.0.255 Masque:255.255.255.0
adr inet6: fe80::8200:60ff:fe0f:e800/64 Scope:Lien
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Packets reçus:252 erreurs:221 :0 overruns:0 frame:0
TX packets:289 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 lg file transmission:1000
Octets reçus:128206 (128.2 KB) Octets transmis:131721 (131.7 KB)
I want to share my internet access with my server on ubuntu
ip server : eth0 192.168.10.1
On my notebook :
/etc/network/interfaces :
iface eth1 …
…
pre-up iptables-restore < /etc/iptables.up.rules
/etc/iptables.up.rules :
# /etc/network/iptables.up.rules
*filter
#########################
# Politiques par défaut #
#########################
-P INPUT DROP
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
######################
# Règles de filtrage #
######################
-A INPUT -i lo -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -p igmp -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp --dport ssh -j ACCEPT
#-A INPUT -p tcp --dports smtp -j ACCEPT
#-A INPUT -p tcp --dports smtps -j ACCEPT
#-A INPUT -p tcp --dports submission -j ACCEPT
#-A INPUT -p tcp --dport domain -j ACCEPT
#-A INPUT -p udp --dport domain -j ACCEPT
#-A INPUT -p tcp --dport http -j ACCEPT
#-A INPUT -p tcp --dport https -j ACCEPT
#-A INPUT -p tcp --dport ipp -j ACCEPT
#-A INPUT -p udp --dport ipp -j ACCEPT
-A INPUT -p tcp --dport netbios-ssn -j ACCEPT
-A INPUT -p udp --dport netbios-ssn -j ACCEPT
#-A INPUT -p udp --dport xdmcp -j ACCEPT
#-A INPUT -p tcp --dport x11-1 -j ACCEPT
#-A INPUT -p udp --dport 1234 -j ACCEPT
#-A INPUT -p udp -d 224.2.127.254 --dport 9875 -j ACCEPT
#-A INPUT -p tcp --dport 30000:33000 -j ACCEPT
#-A INPUT -p tcp --dport 1720 -j ACCEPT
#-A INPUT -p udp --dport 5000:5006 -j ACCEPT
#-A INPUT -p tcp --dport daap -j ACCEPT
-A INPUT -p udp -d 224.0.0.251 --dport mdns -j ACCEPT
-A INPUT -j LOG --log-prefix "paquet IPv4 inattendu "
-A INPUT -j REJECT
COMMIT
*nat
########################
# Partage de connexion #
########################
-A POSTROUTING -o eth1 -j MASQUERADE
########################
# Redirections de port #
########################
#-A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination 192.168.0.3:80
COMMIT
*mangle
COMMIT
/etc/sysctl.conf:
net.ipv4.conf.default.forwarding=1
# *iptables-restore < /etc/iptables.up.rules*
$ sudo iptables -v -L
[sudo] password for benoit :
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT all -- lo any anywhere
anywhere
8 703 ACCEPT icmp -- any any anywhere
anywhere
0 0 ACCEPT igmp -- any any anywhere
anywhere
374 125K ACCEPT all -- any any anywhere
anywhere state RELATED,ESTABLISHED
0 0 ACCEPT tcp -- any any anywhere
anywhere tcp dpt:ssh
0 0 ACCEPT tcp -- any any anywhere
anywhere tcp dpt:domain
0 0 ACCEPT udp -- any any anywhere
anywhere udp dpt:domain
0 0 ACCEPT tcp -- any any anywhere
anywhere tcp dpt:ipp
0 0 ACCEPT udp -- any any anywhere
anywhere udp dpt:ipp
0 0 ACCEPT tcp -- any any anywhere
anywhere tcp dpt:netbios-ssn
0 0 ACCEPT udp -- any any anywhere
anywhere udp dpt:netbios-ssn
17 4697 ACCEPT udp -- any any anywhere
224.0.0.251 udp dpt:mdns
98 58784 LOG all -- any any anywhere
anywhere LOG level warning prefix `paquet IPv4 inattendu '
98 58784 REJECT all -- any any anywhere
anywhere reject-with icmp-port-unreachable
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
Chain OUTPUT (policy ACCEPT 555 packets, 288K bytes)
pkts bytes target prot opt in out source
destination
I have no connection to my server. where is my mistake?
thanks
Ben
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-server/attachments/20091112/46e00fde/attachment.html>
More information about the ubuntu-server
mailing list