[farsheedj]

Hi
I am trying to set up openvpn on dockstar so I can tunnel internet traffic through openvpn tunnel. I followed this
guide.
https://wiki.archlinux.org/index.php/OpenVPN
The openvpn server is up and running now and I can access my samba share but unable to reroute internet traffic through the tunnel. When I follow the guide and get to

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

When I type this command, I get iptable command not found. Any suggestion where I am supposed to add this and How do I add this to iptables ip forwarding. IPTABLES is installed on my dockstar.
Thanks.

[pepedog]

Is iptables installed?
pacman -S iptables
Does /usr/sbin/iptables exist?
Pay attention to /etc/conf.d/iptables, edit IPTABLES_FORWARD=1
Look at the start/stop script (don't edit), it does more than start and stop

Do you have a second USB-lan?
The package shorewall is supposed to make thing easy

[farsheedj]

Is iptables installed?
pacman -S iptables
Does /usr/sbin/iptables exist?
Pay attention to /etc/conf.d/iptables, edit IPTABLES_FORWARD=1
Look at the start/stop script (don't edit), it does more than start and stop

Do you have a second USB-lan?
The package shorewall is supposed to make thing easy

iptables is installed and /usr/sbin/iptables appear to exist.
I just installed shorewall.what are commands for shorewall to do this job
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
I do not have anyother usb LAN.
Thanks

[pepedog]

Do you have a second nic?

[farsheedj]

Do you have a second nic?

Pardon my ignorance.What do you mean by nic.My doctstar is only connected to two usb drive and to my router through ethernet.

[pepedog]

Nic = network interface card, no yo don't
Anyway, I have never done this, always in one Ethernet (or wireless) and out another

[farsheedj]

Thanks.

[tomcheng76]

works for me.

Code: Select all

[root@alarm ~]# iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  10.0.0.0/24          anywhere

you should verified you have a LAN socket (RJ45) which is eth0 in your machine (by issuing command ifconfig -a)
you should verified you have iptables installed and you are login as root

If you are using router, you should create a static route in your router which set 10.0.0.0/24 to gateway <your alarm machine ip>

[firefoxPL]

Hi, I'm trying to replace my old laptop with ubuntu server with my new Pogo and ALARM, one of the key features I need to setup is OpenVPN and traffic forwarding through an encrypted tunnel.
I've already done this on my laptop-ubuntu setup some time ago and it works like a charm, but I have a problem with ALARM with regard to ip forwarding.
Basically I can connect to VPN from outside and access the Pogo through SSH, my local routing tables are updated with all necessary routes (routing tables look exactly like with VPN tunnel to the ubuntu), but I cannot ping any other devices on the server side, from what I gather by looking through tcpdump on Pogo it gets ping requests but doesn't forward them to other devices.
I've already changed /etc/sysctl.conf to enable ip forwarding and verified that /proc/sys/net/ipv4/ip_forward is also enabled. After that I've also installed iptables and enabled forwarding there, still no luck. I did try this:

Code: Select all

[root@alarm ~]# iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
FATAL: Module ip_tables not found.
iptables v1.4.12.1: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.


I've also tried:

Code: Select all

[root@alarm ~]# modprobe ip_tables
FATAL: Module ip_tables not found.


So it looks to me like there is something wrong the iptables by itself, might this be the cause of my problem with ip forwarding?
Any help would be much appreciated.

[dinjo]

Bumping since I'm also trying to forward transmission ports and fails

[root@alarm transmission-daemon]# iptables -L -t nat
FATAL: Module ip_tables not found.
iptables v1.4.12.1: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.