can't edit /proc/sys/net/ipv4/ip_forward

Post new topic   Reply to topic    DD-WRT Forum Index -> General Questions
View previous topic :: View next topic  
Author Message
maxmoon
DD-WRT Novice


Joined: 26 Jul 2011
Posts: 15
PostPosted: Wed Aug 10, 2011 0:34    Post subject: can't edit /proc/sys/net/ipv4/ip_forward Reply with quote
I want to use my dd-wrt router to create a vpn-connection and share this connection with the clients.

Mode is set up on "Repeater"

I've read a tutorial about that and the router got a vpn connection, but I can't share this connection with iptables (maybe wrong iptables) and I've a problem editing the file ip_forward

if I use

Code:
echo 1 > /proc/sys/net/ipv4/ip_forward


nothing changes than I opened the file with

Code:
vi /proc/sys/net/ipv4/ip_forward


Editing the file with vi doesn't work.
Even a startupskript like

Code:
echo 1 > /proc/sys/net/ipv4/ip_forward


doesn't work.

Can you help me plz?
Back to top View user's profile Send private message
Sponsor
maxmoon
DD-WRT Novice


Joined: 26 Jul 2011
Posts: 15
PostPosted: Wed Aug 10, 2011 3:19    Post subject: Reply with quote
ok, got it. I forgot the "

Code:
echo "1" > /proc/sys/net/ipv4/ip_forward
Back to top View user's profile Send private message
phuzi0n
DD-WRT Guru


Joined: 10 Oct 2006
Posts: 10141
PostPosted: Wed Aug 10, 2011 21:12    Post subject: Reply with quote
It should already be set to 1 unless you disabled routing for some reason. If you really are using Repeater mode (not Repeater Bridge!!!) then you shouldn't need to mess with this. If you're really using RB mode then you shouldn't be.
_________________
Read the forum announcements thoroughly! Be cautious if you're inexperienced.
Available for paid consulting. (Don't PM about complicated setups otherwise)
Looking for bricks and spare routers to expand my collection. (not interested in G spec models)
Back to top View user's profile Send private message
maxmoon
DD-WRT Novice


Joined: 26 Jul 2011
Posts: 15
PostPosted: Thu Aug 11, 2011 15:45    Post subject: Reply with quote
phuzi0n wrote:
It should already be set to 1 unless you disabled routing for some reason. If you really are using Repeater mode (not Repeater Bridge!!!) then you shouldn't need to mess with this. If you're really using RB mode then you shouldn't be.


Thank you for your help.

With the repeaterbridge-mode I've got a '1' if I execute following:

Code:
cat /proc/sys/net/ipv4/ip_forward


That's super, but vpnc doesn't work in this mode

Code:
root@DD-WRT:~# vpnc /tmp/etc/vpnc/vpn.conf
connecting to port 62465: Network is unreachable


so I turned it back to 'repeater' and put in this startupscript again:

Code:
echo "1" > /proc/sys/net/ipv4/ip_forward


With this mode I can execute vpnc without a problem and got a vpn-connection and pinging google works:

Code:
root@DD-WRT:~# ping google.com
PING google.com (209.85.148.99): 56 data bytes
64 bytes from 209.85.148.99: seq=0 ttl=55 time=12.187 ms
64 bytes from 209.85.148.99: seq=1 ttl=55 time=16.217 ms
64 bytes from 209.85.148.99: seq=2 ttl=55 time=16.105 ms


But I've got another problem which I can't solve for 2-3 weeks Sad

The vpn-connection is the gate to the Internet.
But the clients in my Network got no Internet.

I use follow iptables:

Code:
iptables -t nat -F
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -I INPUT 1 -i eth0 -j ACCEPT
iptables -I INPUT 1 -i lo -j ACCEPT
iptables -A INPUT -p UDP --dport bootps -i ! eth0 -j REJECT
iptables -A INPUT -p UDP --dport domain -i ! eth0 -j REJECT
iptables -I FORWARD -i eth0 -d 192.168.1.0/255.255.255.0 -j DROP
iptables -A FORWARD -i eth0 -s 192.168.1.0/255.255.255.0 -j ACCEPT
iptables -A FORWARD -i tun0 -d 192.168.1.0/255.255.255.0 -j ACCEPT
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE


But this doesn't work Sad

I would be very glad if someone could help me with this.
Back to top View user's profile Send private message
maxmoon
DD-WRT Novice


Joined: 26 Jul 2011
Posts: 15
PostPosted: Thu Aug 11, 2011 19:23    Post subject: Reply with quote
Ok... got it! (at last)

iptables:

    iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
    iptables -I FORWARD -i tun0 -o br0 -j ACCEPT
    iptables -I INPUT -i tun0 -j REJECT
    iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE


and important....
Set the right DNSs in the DHCP of the router

Setup -> Basic Setup -> Network Address Server Settings (DHCP) ->Static DNS 1 & Static DNS 2 & Static DNS 3
Back to top View user's profile Send private message
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> General Questions All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum