/srv/irclogs.ubuntu.com/2013/02/24/#ubuntu-us-ca.txt

Torikunanyone good with iptables herE?02:52
akkI wish I were ... or knew anybody who was that I could pounce on. :)02:52
Torikunwhat is your question?02:53
TorikunMaybe i can help02:53
TorikunMy question is that I drop all incoming connections and allow certian ports. I added rules to block China. does it batter on the order?02:54
akkI have: laptop on wi-fi, Raspberry Pi connected to laptop via crossover ethernet cable.02:54
akkI want: a reliable setup so that laptop can ssh to pi, and pi can gateway through laptop.02:54
akkI have a script I cobbled together from stuff I found on the web, that works sometimes but not always.02:54
akkI have no idea how to debug it when it fails.02:54
Torikunall you have to do is forward over right02:55
Torikuniptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE #openvpn02:55
Torikunthat is what I do to bridge my openvpn network02:55
akkHere's what I do now: https://github.com/akkana/scripts/blob/master/masq02:55
darthrobotTitle: [scripts/masq at master · akkana/scripts · GitHub]02:55
Torikunlooks too complicated02:56
akkWhat I'd *really* like to do is: same setup, but have pi think it's on 192.168.1 (even if laptop already is) instead of 192.168.002:56
akkbut I've gotten the impression that's not possible.02:56
Torikunopenvpn may be a workaround02:57
Torikunor dhcp server on laptop02:57
akkI had the impression there was no way for the laptop to have both its wlan0 and its eth0 on 192.168.1.02:58
Torikunif laptop is a dhcp server, the pi will get 192.168.1.x02:58
Torikunor you can just use the forward command I posted and try to see if it will get dhcp address from your router02:59
akkSo just by setting up DHCP, it'll broadcast dhcp over both interfaces, and be happy with both interfaces on the same network number?02:59
Torikunyou can have it broadcast on eth only03:00
Torikunsince it is connected to the pi right03:00
akkYes, of course I'd want to do that (not give out dhcp over wi-fi)03:00
akkbut it wouldn't mind both interfaces on the same network with dhcp, even though it won't allow it without dhcp?03:00
akkI don't understand why having a dhcp server fixes that problem.03:01
Torikunso the pi will pull a 192.168.1.x address03:01
akkSo if I'm on wi-fi with wlan0 as 192.168.1.42 or whatever, I can just ifconfig eth0 to 192.168.1.200 (same network) and get away with it?03:02
akkWhen I've tried that before, I always found that wlan0 stopped working03:02
Torikunno03:02
akkI assume because it didn't know how to route to the outside any more.03:02
Torikunthe iptables rule I posted is the best and easiest way03:02
Torikuni have no issues with it on my Raspberry PI openvpn box03:02
akkSo I just need that one rule, plus a dhcp server?03:03
Torikunhttps://code.google.com/p/mephistobackup/source/browse/branches/server/firewall03:03
akkWhy do I need the dhcp server -- can't the pi have a fixed address?03:03
darthrobotTitle: [firewall - mephistobackup - Mephisto Backup Utility for Linux - Google Project Hosting]03:03
Torikunyou might wanna try forwarding the interface to another interface or look at my NAT rules03:03
bkerensapleia2: if you have a chance at Scale could you take a photo of the Mozilla booth for me? I just want to see how it turned out10:48

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!