[Pkg-utopia-maintainers] Bug#638995: network-manager: Sharing network connection does not work: NAT not set up properly

Ralf Jung ralfjung-e at gmx.de
Tue Aug 23 15:04:37 UTC 2011 

Package: network-manager
Version: 0.8.4.0-2
Severity: normal

Sharing a networking connection (in my case, wireless eth1) over another
interface (wired, eth0) does not work. The syslog says:

Aug 23 16:23:39 r-schlepptop NetworkManager[1579]: <info> Policy set 'JUNG'
(eth1) as default for IPv4 routing and DNS.
Aug 23 16:23:39 r-schlepptop NetworkManager[1579]: <info> Executing:
/sbin/iptables --table filter --insert INPUT --in-interface eth0 --protocol tcp
--destination-port 53 --jump ACCEPT
Aug 23 16:23:39 r-schlepptop NetworkManager[1579]: <info> Executing:
/sbin/iptables --table filter --insert INPUT --in-interface eth0 --protocol udp
--destination-port 53 --jump ACCEPT
Aug 23 16:23:39 r-schlepptop NetworkManager[1579]: <info> Executing:
/sbin/iptables --table filter --insert INPUT --in-interface eth0 --protocol tcp
--destination-port 67 --jump ACCEPT
Aug 23 16:23:39 r-schlepptop NetworkManager[1579]: <info> Executing:
/sbin/iptables --table filter --insert INPUT --in-interface eth0 --protocol udp
--destination-port 67 --jump ACCEPT
Aug 23 16:23:39 r-schlepptop NetworkManager[1579]: <info> Executing:
/sbin/iptables --table filter --insert FORWARD --in-interface eth0 --jump
REJECT
Aug 23 16:23:39 r-schlepptop NetworkManager[1579]: <info> Executing:
/sbin/iptables --table filter --insert FORWARD --out-interface eth0 --jump
REJECT
Aug 23 16:23:39 r-schlepptop NetworkManager[1579]: <info> Executing:
/sbin/iptables --table filter --insert FORWARD --in-interface eth0 --out-
interface eth0 --jump ACCEPT
Aug 23 16:23:39 r-schlepptop NetworkManager[1579]: <info> Executing:
/sbin/iptables --table filter --insert FORWARD --source
10.42.43.0/255.255.255.0 --in-interface eth0 --jump ACCEPT
Aug 23 16:23:39 r-schlepptop NetworkManager[1579]: <info> Executing:
/sbin/iptables --table filter --insert FORWARD --destination
10.42.43.0/255.255.255.0 --out-interface eth0 --match state --state
ESTABLISHED,RELATED --jump ACCEPT
Aug 23 16:23:39 r-schlepptop NetworkManager[1579]: <info> Executing:
/sbin/iptables --table nat --insert POSTROUTING --source
10.42.43.0/255.255.255.0 --destination ! 10.42.43.0/255.255.255.0 --jump
MASQUERADE
Aug 23 16:23:39 r-schlepptop NetworkManager[1579]: <warn> ** Command returned
exit status 2.

The problem is that nm uses the wrong syntax for the last command: The '!' has
to be before --destination, not after it. Manually running

 /sbin/iptables --table nat --insert POSTROUTING --source
10.42.43.0/255.255.255.0 ! --destination 10.42.43.0/255.255.255.0 --jump
MASQUERADE

makes everything work smoothly.



-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 3.0.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages network-manager depends on:
ii  adduser                      3.113       add and remove users and groups
ii  dbus                         1.4.14-1    simple interprocess messaging syst
ii  isc-dhcp-client              4.1.1-P1-17 ISC DHCP client
ii  libc6                        2.13-16     Embedded GNU C Library: Shared lib
ii  libdbus-1-3                  1.4.14-1    simple interprocess messaging syst
ii  libdbus-glib-1-2             0.94-4      simple interprocess messaging syst
ii  libgcrypt11                  1.4.6-9     LGPL Crypto library - runtime libr
ii  libglib2.0-0                 2.28.6-1    The GLib library of C routines
ii  libgnutls26                  2.12.7-6    GNU TLS library - runtime library
ii  libgudev-1.0-0               172-1       GObject-based wrapper library for 
ii  libnl1                       1.1-7       library for dealing with netlink s
ii  libnm-glib2                  0.8.4.0-2   network management framework (GLib
ii  libnm-util1                  0.8.4.0-2   network management framework (shar
ii  libpolkit-gobject-1-0        0.102-1     PolicyKit Authorization API
ii  libuuid1                     2.19.1-5    Universally Unique ID library
ii  lsb-base                     3.2-27      Linux Standard Base 3.2 init scrip
ii  udev                         172-1       /dev/ and hotplug management daemo
ii  wpasupplicant                0.7.3-3     client support for WPA and WPA2 (I

Versions of packages network-manager recommends:
ii  dnsmasq-base                  2.57-1     A small caching DNS proxy and DHCP
ii  iptables                      1.4.12-1   administration tools for packet fi
ii  modemmanager                  0.5-1      D-Bus service for managing modems
ii  policykit-1                   0.102-1    framework for managing administrat
ii  ppp                           2.4.5-5    Point-to-Point Protocol (PPP) - da

Versions of packages network-manager suggests:
pn  avahi-autoipd                 <none>     (no description available)

-- no debconf information

More information about the Pkg-utopia-maintainers mailing list