Re: After f40->f42 upgrade, NAT is not set up.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 7/6/25 05:17, Tim wrote:

On Fri, 2025-06-06 at 20:45 +1000, fedora@xxxxxxxxxxxxxx wrote:

After looking everywhere, and digging into my iptables rules and
such, I discovered that NAT is not being set up.

I added a rule to my firewall script
         iptables-legacy -t nat -A POSTROUTING -o eth1 -j MASQUERADE
eth0 is the local network, eth1 sees the internet.
Things work now.

In f40 NAT was always being set up automatically. Is it a network
manager issue?


So far as I'm aware, NAT has never been set up automatically, you
always had to set it up in some way.  When I had dial-up, I used to
have a command somewhat like yours in my iptables firewall script, also
with an command line to turn on IP forwarding.


This was already in the commands set as it was already working until f40.


Now, Network Manager has some options for sharing a connection.  Though
I find it far from straight-forward.

Instead of sharing out your connection with your internet service, you
enable sharing on the interface facing the rest of your LAN.  Which
begs the question: What sets up the source parameters for the
connection that it is sharing?  Does it simply assume the /other/
connection?  And what would happen if you had more than two real
interfaces?

Previously, you'd have set up IP forwarding and NAT on the internet
facing connection.  *It* is the one that needs special adjustments for
this role.

It also insists on setting up the shared connection with a different IP
range than what I'd want to use, meaning I'd have to reconfigure
everything else on my LAN (there's a new trend that NAT clients end up
on a 192.168.42 or .43 or .44 subnet).  And probably involves a
bunfight with my existing DHCP server on the same machine.

This is supposed to tell you how to do it:
https://fedoramagazine.org/internet-connection-sharing-networkmanager/


Thanks, I will look at this. I expect this to be painful.

--
Eyal at Home (fedora@xxxxxxxxxxxxxx)
--
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux