DAV Posted March 18, 2012 Share Posted March 18, 2012 so, it wasn't easy, but i managed to get the ICS working with the MKIV, using some stuff i read here, but still having some issues... before my question, let me recap: because OSX (1.6.8) is only letting ICS through 192.168.2.1 gateway, i edited /etc/config/network to look like so: config interface lan option ifname eth0 option type bridge option proto static option ipaddr 192.168.2.254 option netmask 255.255.255.0 option gateway 192.168.2.1 option dns 8.8.8.8 and, i edited /etc/config/firewall to enable forwarding (not sure it was helpful, but it worked after i've done it) config zone option name lan option network 'lan' option input ACCEPT option output ACCEPT option forward ACCEPT reboot the MKIV, turned on my ICS in OSX and configured the dhcp for the Ethernet to be 192.168.2.200 <-- osx as client 255.255.255.0 with no router or dns addresses.. so far so good. im able to ping from the MKIV and do an nslookup.. it all seem great! EXCEPT, when loggin in via wifi with a pwnt device, not connection what so ever.. i've been on the issue for the last 3 days and so far, im only been able to ping outside.. any ideas? Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted March 19, 2012 Share Posted March 19, 2012 1. Disable the firewall. /etc/init.d/firewall stop. In fact it has been removed in 1.0.1 -- causes more trouble than it's worth for a hacker tool. 2. Look into your routes. By default it looks like this: root@Pineapple:~# route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default 172.16.42.42 0.0.0.0 UG 0 0 0 br-lan 172.16.42.0 * 255.255.255.0 U 0 0 0 br-lan You want it to look like: Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default 192.168.2.200 0.0.0.0 UG 0 0 0 br-lan 192.168.2.200 * 255.255.255.0 U 0 0 0 br-lan So from the Advanced menu in the Web UI enter: route del default in the bottom text field and click Execute Commands. Then from the first text field enter: route add default gw 192.168.2.200 br-lan and click the Update Routing Table button. If that doesn't do the trick a little iptables lovin' should. Quote Link to comment Share on other sites More sharing options...
DAV Posted March 19, 2012 Author Share Posted March 19, 2012 The route table is actually pointing to 192.168.2.1 which is the bridge address (and I can ping it) Quote Link to comment Share on other sites More sharing options...
niggizito Posted March 19, 2012 Share Posted March 19, 2012 The route table is actually pointing to 192.168.2.1 which is the bridge address (and I can ping it) DAV, Your MAC is the "bridge" for the pwnd clients, not the MarkIV. Typical connection setup: MarkIV PoE (172.16.42.1)-->LAN interface of the Win or *nix or MAC computer (172.16.42.42)-->wireless card of the same Win or *nix or MAC (whatever it is). The LAN interface of the computer doesn't have a default route as it only needs to communicate with Mark. Mark in its turn communicates with the rest of the world through your computer. And the default gateway for Mark is your LAN interface of the computer. The computer through its default routing table taken from the wireless card forwards the packets to inet. So, in your case, the routing table in the Mark should point to 192.168.2.200. Correct me if I'm wrong. Quote Link to comment Share on other sites More sharing options...
DAV Posted March 19, 2012 Author Share Posted March 19, 2012 192.168.2.200 is the ip of my machine in front of the mkiv, the ICS is also providing a gatway address - 192.168.2.1, bridged to the wireless interface (10.0.0.138). All routing should go through this gw, and from there to the wireless and then the world. It works perfectly in the ssh console when im pinging google, but the mkiv's pwnt clients cant seem to reach out through the gateway, even though the routing is pointing to the right address..:/ Quote Link to comment Share on other sites More sharing options...
niggizito Posted March 19, 2012 Share Posted March 19, 2012 192.168.2.200 is the ip of my machine in front of the mkiv, the ICS is also providing a gatway address - 192.168.2.1, bridged to the wireless interface (10.0.0.138). All routing should go through this gw, and from there to the wireless and then the world. It works perfectly in the ssh console when im pinging google, but the mkiv's pwnt clients cant seem to reach out through the gateway, even though the routing is pointing to the right address..:/ What's the default route in Mark? 192.168.2.1 you say? As Darren points out it should be 192.168.2.200 in your case. Quote Link to comment Share on other sites More sharing options...
DAV Posted March 19, 2012 Author Share Posted March 19, 2012 SUCCESS!!! :) ok, so i learned few interesting stuff.. OSX (1.6) ICS for some reason randomly shuts off, probably when i was switching IP for my Ethernet connection, but the little V box is kept checked, so make sure to ifconfig to see if you can see this: inet 192.168.2.1 netmask 0xffffff00 broadcast 192.168.2.255 i have routed the default gateway to point at my machine it was flawless :) THANK YOU GUYS! Quote Link to comment Share on other sites More sharing options...
barry99705 Posted March 19, 2012 Share Posted March 19, 2012 (edited) SUCCESS!!! :) ok, so i learned few interesting stuff.. OSX (1.6) ICS for some reason randomly shuts off, probably when i was switching IP for my Ethernet connection, but the little V box is kept checked, so make sure to ifconfig to see if you can see this: inet 192.168.2.1 netmask 0xffffff00 broadcast 192.168.2.255 i have routed the default gateway to point at my machine it was flawless :) THANK YOU GUYS! It will shut off if you change any of the ethernet settings. I was about to log in and say the settings we posted here will work. I also found that the firewall in Lion is a bit strict, and once I turn it off everything is golden. Edited March 19, 2012 by barry99705 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.