Speedtouch Links

Firmware Extractor
Fedora Core
Linux From Scratch
Help (mailing list)
Tux riding the SpeedTouch
SourceForge Logo

Network Address Translation - Masquerading

Xbox and PS2

The internet adds a whole new dimension to games. It can stop them becoming stale and boring and generate variety and unexpected situations. It all depends who's online.
However, there is a problem connecting a games console to the internet using a SpeedTouch modem. Games consoles don't have a USB socket so you can't connect the Speedtouch to them directly. But they do have an ethernet socket so it's possible to use a crossover cable to connect it to a PC. Linux can then, through the magic of iptables, forward the packets to your ISP through the SpeedTouch modem. It's like the Xbox or PS2 is another computer on your own little local area network and your PC is being a masquerading router.


To enable your kernel to do masquerading there are three ways you can go. My preferred option is to compile the kernel myself with all the netfilter stuff enabled and built in so it works and I can forget about it. Chances are though that you're using the generic modular kernel that came with your distro, in which case the choice is how to load the modules you need. It should be done while the kernel boots so it can setup the firewall before you dial up the weird, wild web. Some distro's use a plain text file in the /etc folder. It could be /etc/modules (Ubuntu), /etc/modprobe.preload (Mandrake), /etc/sysconfig/modules (LFS)
Open the file with a text editor (has to be done by root) and add these modules to the list


Another option is to use the modprobe command to load the modules and run it from a boot script, like so

modprobe ip_tables
modprobe iptable_filter
modprobe ip_conntrack
modprobe ip_conntrack_ftp
modprobe ipt_state
modprobe iptable_nat
modprobe ip_nat_ftp
modprobe ipt_MASQUERADE
modprobe ipt_REJECT

If you're going to do that it probably makes sense to put those modprobe commands at the top of the next script and keep it all in one place.

If you're using Mandrake you'll need to use the Mandrake Control Centre to install Iptables as it is not installed by default.

Firewall Rules

When you reboot your computer you can set up a firewall with this script

iptables -P FORWARD DROP
iptables -P INPUT DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -t nat -A POSTROUTING -o ppp0 -s -j MASQUERADE
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i ppp0 -o ppp0 -j DROP
iptables -A FORWARD -i ppp0 -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp0 -j ACCEPT
iptables -A INPUT -s -j ACCEPT
ifconfig eth0 netmask
route add -host dev eth0
echo 1 > /proc/sys/net/ipv4/ip_forward

In this example I'm assuming you just have one PC and one game console. is the local area network address of your computer, is the address of the Xbox and eth0 is the interface you are communicating with it through. If you have several ethernet cards and several other computers on your network then your situation will be more complicated and you'll need to change those commands to fit.
If you've not got a firewall bootscript and are using a dial bootscript to run 'pppd call speedtch' then it is probably simplest to add those commands to that bootscript. Put them at the top of the script so that they get run before pppd dials up your ISP.

If you're using Fedora I would replace the contents of the /etc/rc.d/init.d/iptables script with the commands you want to run. Make a backup copy first in case you want to put it back the way it was.

Configure The Game Console

On the Xbox or PS2 manually enter the values to allow it to connect to the internet. You'll need to know the address of your ISP's domain nameserver which you can get from /etc/ppp/resolv.conf

cat /etc/ppp/resolv.conf

you'll also need to enter the address of the game console and the address of the gateway computer. In the example above the Xbox is and the gateway is

More reading

Linux Networking-concepts HOWTO
Linux Network Administrators Guide
Masquerading Made Simple HOWTO
IP Masquerading Howto
Iptables Tutorial