NAT not working on modem0

I’m trying to setup NAT for modem0 (ZTE MF100 HSDPA modem) under OpenSUSE 11.3 64-bit, however it’s not working. The same configuration works with eth0. eth1 is connected to the internal network. These are the commands I used:

For eth0:

echo 1 > /proc/sys/net/ipv4/ip_forward

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT

For modem0:

echo 1 > /proc/sys/net/ipv4/ip_forward

iptables -t nat -A POSTROUTING -o modem0 -j MASQUERADE
iptables -A FORWARD -i modem0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth1 -o modem0 -j ACCEPT

Actually, it is working; however, the configuration seems to disappear after a while (sooner for modem0 than for eth0). Any ideas on how to make it not disappear (or reset to the system default) while I’m trying to test some more advanced rules?

On 03/30/2011 05:06 PM, nlovric wrote:
>
> Actually, it is working; however, the configuration seems to disappear
> after a while (sooner for modem0 than for eth0). Any ideas on how to
> make it not disappear (or reset to the system default) while I’m trying
> to test some more advanced rules?

maybe, after setting /proc/sys/net/ipv4/ip_forward as you want it,
make it read only…

then, eventually you should have what is changing it now complain with
an error…


CAVEAT: http://is.gd/bpoMD
Tried LibreOffice? Do that and help at http://is.gd/dZ9j2W
[NNTP via openSUSE 11.3 + KDE4.5.5 + Thunderbird3.1.8]

Please see this section

## Default:     no
#
# 5.)
# Should routing between the internet, dmz and internal network be
# activated?
#
# Set this to "yes" if you either want to masquerade internal
# machines or allow access to the dmz (or internal machines, but
# this is not a good idea).
# 
# This option overrides IP_FORWARD from
# /etc/sysconfig/network/options
#
# Setting this option one alone doesn't do anything. Either activate
# masquerading with FW_MASQUERADE below if you want to masquerade
# your internal network to the internet, or configure FW_FORWARD to
# define what is allowed to be forwarded. You also need to define
# internal or dmz interfaces in FW_DEV_INT or FW_DEV_DMZ.
#
# defaults to "no" if not set
#
FW_ROUTE="no"

of the file /etc/sysconfig/SuSEfirewall2 (browse trough the whole file would be the best solution :slight_smile: ). I think it might be what You’re after.

Best regards,
Greg