Hey Folks
I set up an internal network between two VirtualBoxes for testing purposes (OpenSuSE 13.2).
One is set up as a server and one as a client.
Server:
- has two network interfaces: enp0s3 -> “external”; enp0s8 “internal”
- DHCP and DNS on the internal network interface enp0s8 (IP address range 10.50.10.0/24)
- connection to the “internet” on the external interface enp0s3 (IP: 192.168.0.230) (192.168.0.0/24 with connection to the outside)
Client:
- has one network interface: enp0s3 “internal”
- configured to get IP from DHCP “Server Virtualbox”
DNS and DHCP work between Server and Client in the VirtualBox network…
Sources:
http://www.subnet-calculator.com/subnet.php?net_class=C
http://www.subnet-calculator.com/cidr.php
http://www.netfilter.org/
http://www.netfilter.org/documentation/HOWTO//NAT-HOWTO-10.html
https://doc.opensuse.org/documentation/html/openSUSE_122/opensuse-security/cha.security.firewall.html
http://wiki.linux-club.de/opensuse/Internetzugang_mit_Linux-Rechner_als_Router
http://wiki.linux-club.de/opensuse/Tests_bei_Problemen_mit_der_Internetverbindung
https://www.novell.com/documentation/suse91/suselinux-adminguide/html/ch19.html#sec:fire
https://forums.opensuse.org/showthread.php/399158-SFW2-INext-DROP-DEFLT-in-dmesg
http://www.opensuse-forum.de/themen/sicherheit-unter-linux/1408-gelöst-internes-netz-kommt-nicht-ins-inet/
https://forums.opensuse.org/showthread.php/399026-How-can-i-share-my-Internet-connection?highlight=masq
http://www.cyberciti.biz/tips/iptables-mac-address-filtering.html
http://www.cyberciti.biz/tips/howto-configure-linux-virtual-local-area-network-vlan.html
https://aminesoft.wordpress.com/2009/08/29/firewall-with-iptables-using-mac-address-filtering-in-linux/
https://www.suse.com/communities/conversations/basic-iptables-tutorial/
http://acooke.org/cute/BlockingMA0.html
http://unifix.org/cgi-bin/index.pl?action=show&ID=233
http://tecadmin.net/mac-address-filtering-using-iptables/
http://www.unix.com/security/160564-configure-iptables-allows-list-mac-address.html
http://stackoverflow.com/questions/1611809/remove-empty-lines-in-a-text-file-via-grep
http://stackoverflow.com/questions/11267015/how-to-ignore-blank-lines-and-comment-lines-using-awk
My problem is:
If I connect the Server first with the external network “enp0s3”, all of the internet connections work (Web Browser, Updating OpenSuSE, etc.).
If I connect the Server first with the internal network “enp0s8” and then with the external network “enp0s3”, there is no connection to the “internet”.
The same happens with the client.
/etc/sysconfig/SuSEfirewall2
FW_DEV_EXT="enp0s3"
FW_DEV_INT="enp0s8"
FW_ROUTE="yes"
FW_MASQUERADE="yes"
FW_MASQ_DEV="enp0s3"
FW_MASQ_NETS="10.50.10.0/24"
cat /proc/sys/net/ipv4/ip_forward
1
cat /etc/resolv.conf
### /etc/resolv.conf file autogenerated by netconfig!
#
# Before you change this file manually, consider to define the
# static DNS configuration using the following variables in the
# /etc/sysconfig/network/config file:
# NETCONFIG_DNS_STATIC_SEARCHLIST
# NETCONFIG_DNS_STATIC_SERVERS
# NETCONFIG_DNS_FORWARDER
# or disable DNS configuration updates via netconfig by setting:
# NETCONFIG_DNS_POLICY=''
#
# See also the netconfig(8) manual page and other documentation.
#
# Note: Manual change of this file disables netconfig too, but
# may get lost when this file contains comments or empty lines
# only, the netconfig settings are same with settings in this
# file and in case of a "netconfig update -f" call.
#
### Please remove (at least) this line when you modify the file!
search internal.test
nameserver 192.168.0.XXX
nameserver 192.168.0.YYY
nameserver 10.50.10.100
The first two nameservers are the ones from the external network and the third is the one of the internal network…
But masquerading won’t work…
There is no internet connection…
SuSEfirewall2 status -> follows in the reply