Bonjour,
J'ai un petit soucis urgent à régler.
Mon LAN n'a pas accès au WLAN et inversement
Voici ma config réseau et iptables
ifconfig
jewome62@homeServer:~$ ifconfig
eth0 Link encap:Ethernet HWaddr 90:2b:34:5d:f0:bd
inet addr:109.24.221.197 Bcast:109.24.221.255 Mask:255.255.255.0
inet6 addr: fe80::922b:34ff:fe5d:f0bd/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1394182808 errors:0 dropped:0 overruns:0 frame:0
TX packets:95492127 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1877180714999 (1.8 TB) TX bytes:28459957027 (28.4 GB)
eth1 Link encap:Ethernet HWaddr 90:2b:34:5d:f0:bf
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:69965407 errors:0 dropped:353 overruns:0 frame:0
TX packets:1332506551 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:25206583122 (25.2 GB) TX bytes:1800145875948 (1.8 TB)
lan Link encap:Ethernet HWaddr 84:a6:c8:08:33:88
inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::922b:34ff:fe5d:f0bf/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:89341573 errors:0 dropped:0 overruns:0 frame:0
TX packets:1390991542 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:28914112484 (28.9 GB) TX bytes:1877876961114 (1.8 TB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:1051476 errors:0 dropped:0 overruns:0 frame:0
TX packets:1051476 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:91560691 (91.5 MB) TX bytes:91560691 (91.5 MB)
mon.wlan0 Link encap:UNSPEC HWaddr 84-A6-C8-08-33-88-3A-30-00-00-00-00-00-00-00 -00
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:145228824 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:32360186904 (32.3 GB) TX bytes:0 (0.0 B)
wlan0 Link encap:Ethernet HWaddr 84:a6:c8:08:33:88
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:28155659 errors:0 dropped:0 overruns:0 frame:0
TX packets:57299253 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:5749663097 (5.7 GB) TX bytes:76398158524 (76.3 GB)
interface
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet dhcp
iface eth0 inet6 dhcp
############### Reseau Local ########################
#Reseau Filiaire
auto eth1
iface eth1 inet manual
#Reseau Wifi
auto wlan0
iface wlan0 inet manual
#Reseau local global
auto lan
iface lan inet static
address 192.168.0.1
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
post-up iptables-restore < /etc/iptables.rules
post-up hostapd /etc/hostapd/hostapd.conf
post-up upnpd eth0 lan
pre-down iptables-save > /etc/iptables.rules
pre-down killall upnpd
pre-down killall hostapd
bridge-ports wlan0 eth1
règle iptables
# Generated by iptables-save v1.4.12 on Fri Aug 16 16:30:26 2013
*mangle
:PREROUTING ACCEPT [2894030:4352692056]
:INPUT ACCEPT [2074235:2793895319]
:FORWARD ACCEPT [2864013:4330513879]
:OUTPUT ACCEPT [14223:2632508]
:POSTROUTING ACCEPT [2872462:4330610175]
COMMIT
# Completed on Fri Aug 16 16:30:26 2013
# Generated by iptables-save v1.4.12 on Fri Aug 16 16:30:26 2013
*nat
:PREROUTING ACCEPT [25101:23966209]
:INPUT ACCEPT [1904:142703]
:OUTPUT ACCEPT [128:8756]
:POSTROUTING ACCEPT [53:14076]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
# Completed on Fri Aug 16 16:30:26 2013
# Generated by iptables-save v1.4.12 on Fri Aug 16 16:30:26 2013
*filter
:INPUT DROP [30247:41013616]
:FORWARD DROP [60:21637]
:OUTPUT DROP [0:0]
:fail2ban-ssh - [0:0]
-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-ssh
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lan -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
-A INPUT -p igmp -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A FORWARD -i lan -o eth0 -j ACCEPT
-A FORWARD -i eth0 -o lan -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o eth0 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o lan -j ACCEPT
-A fail2ban-ssh -j RETURN
COMMIT
# Completed on Fri Aug 16 16:30:26 2013
Que manque t-il ?
il me semblait qu'un bridge fessais comme un commutateur,