como configurar a caixa linux de 4 portas para o roteador

Por favor, informe onde estou errado:

Eu tenho um novo mini computador de 4 portas que eu quero usar como um roteador (com serviços comuns, como firewall, NAT, DNS) para minha rede crescente. A principal razão é aproveitar o ipset no iptables e secundariamente para obter um melhor desempenho. Eu tenho dois comutadores digitais conectados a eth0 e eth1, enquanto o cabo de internet se conecta à eth2.

Eu apresento as seguintes configurações e resultados do arquivo de configuração. Do meu computador desktop eu posso ssh para a nova caixa de gateway e de lá eu posso pingar um endereço WAN, mas não meus endereços de rede local. Eu fiz temporariamente o iptables bastante permissivo para garantir que não é o problema (ou assim eu acho). Suponho que haja um problema com o dhcp com base no syslog, mas não sei exatamente o que ou como corrigi-lo.

Muito obrigado por dedicar seu tempo para ajudar!

/etc/dhcp/dhcpd.conf (linhas de comentário excluídas por brevidade):

ddns-update-style none;

option domain-name "ptj.lan";
option domain-name-servers 208.67.222.222, 8.8.8.8; 

default-lease-time 600;
max-lease-time 7200;

authoritative;

log-facility local7;

subnet 192.168.10.0 netmask 255.255.255.0 {
 range 192.168.10.101 192.168.10.254;
 option routers 192.168.10.60;
 option domain-name-servers 208.67.222.222, 208.67.220.220;

 host tractorshed {
    hardware ethernet AC:CC:8E:0F:96:EC;
    fixed-address 192.168.10.22;
 }
 host screenporch {
    hardware ethernet AC:CC:8E:10:61:74;
    fixed-address 192.168.10.23;
 }
 host carport {
    hardware ethernet AC:CC:8E:10:61:6B;
    fixed-address 192.168.10.21;
 }
  host brotherprinter {
    hardware ethernet 00:1B:A9:15:65:70;
    fixed-address 192.168.10.10;
 }
   host nuc {
    hardware ethernet B8:AE:ED:7B:73:30;
    fixed-address 192.168.10.32;
 }
 host ptj-vision {
    hardware ethernet 4C:72:B9:21:0C:E4;
    fixed-address 192.168.10.31;
 }
}

listagem de / etc / default / isc-dhcp-server:

DHCPD_CONF=/etc/dhcp/dhcpd.conf

DHCPD_PID=/var/run/dhcpd.pid

INTERFACES="eth0 eth2 eth3"
# I know eth1 is labelled "4" on back of box so I'll use 4 for connection to a digital switch with address 192.168.10.60 so I can reach it 

e listagem / etc / network / interfaces:

source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

auto eth2
iface eth2 inet dhcp

auto eth3
iface eth3 inet dhcp

# and the static address interface (marked "4" on the box) which I'll use on LAN side for access to this machine:
auto eth1
iface eth1 inet static
    address 192.168.10.60
    netmask 255.255.255.0
    broadcast 192.168.10.255

#stuff to rebuild ipset and iptable on reboot:
pre-up ipset restore < /home/boss/BadIPLists/genblacklist.bak
pre-up ipset restore < /home/boss/BadIPLists/sshblacklist.bak
pre-up iptables-restore < /home/boss/iptables.rules

por último, uma amostra do syslog:

Jan  8 14:59:54 debFirewall dhclient: No DHCPOFFERS received.
Jan  8 14:59:54 debFirewall dhclient: No working leases in persistent database - sleeping.
Jan  8 15:04:43 debFirewall dhclient: DHCPDISCOVER on eth3 to 255.255.255.255 port 67 interval 7
Jan  8 15:04:50 debFirewall dhclient: DHCPDISCOVER on eth3 to 255.255.255.255 port 67 interval 15
Jan  8 15:05:05 debFirewall dhclient: DHCPDISCOVER on eth3 to 255.255.255.255 port 67 interval 16
Jan  8 15:05:21 debFirewall dhclient: DHCPDISCOVER on eth3 to 255.255.255.255 port 67 interval 13
Jan  8 15:05:34 debFirewall dhclient: DHCPDISCOVER on eth3 to 255.255.255.255 port 67 interval 10
Jan  8 15:05:44 debFirewall dhclient: No DHCPOFFERS received.
Jan  8 15:05:44 debFirewall dhclient: No working leases in persistent database - sleeping.
Jan  8 15:06:21 debFirewall kernel: [ 8422.877907] igb 0000:02:00.0 eth1: igb: eth1 NIC Link is Down
Jan  8 15:06:25 debFirewall kernel: [ 8427.224580] igb 0000:04:00.0 eth3: igb: eth3 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX/TX
Jan  8 15:07:17 debFirewall dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 5
Jan  8 15:07:22 debFirewall dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 13
Jan  8 15:07:35 debFirewall dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 7
Jan  8 15:07:42 debFirewall dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 11
Jan  8 15:07:53 debFirewall dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 7
Jan  8 15:08:00 debFirewall dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 18
Jan  8 15:08:10 debFirewall kernel: [ 8532.140374] igb 0000:04:00.0 eth3: igb: eth3 NIC Link is Down
Jan  8 15:08:18 debFirewall dhclient: No DHCPOFFERS received.
Jan  8 15:08:18 debFirewall dhclient: No working leases in persistent database - sleeping.
Jan  8 15:08:19 debFirewall kernel: [ 8540.932948] igb 0000:02:00.0 eth1: igb: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX/TX