Mailinglist Archive: opensuse (2358 mails)
| < Previous | Next > |
Re: [SLE] Masquerading Causing Hair Loss
- From: mhtexcollins@xxxxxxxx (Michael H. Collins)
- Date: Mon, 18 Oct 1999 07:00:46 -0500
- Message-id: <380B0BEE.91DE0E8A@xxxxxxxx>
Try these from the cli. Should work then.
echo 1 > /proc/sys/net/ipv4/ip_forward
ipchains -P forward DENY
ipchains -A forward -j MASQ -s 192.168.1.0/24 -d 0.0.0.0/0
te:
>
> I'm just about to pull out my hair with Masq. I've upgraded my server to
> 6.2 because I thought it would be easier to configure.
>
>
> I can go to my server, wvdial onto the net, surf around, and ping
> anything.
>
> The machine I'm trying to masquerade is also 6.2. From that machine I can
> ping and rlogin to my server but anytime I try to ping an outside address
> I get 'network unreachable'.
>
> I can ping from my server to my client.
>
> If I run tcpdump on the client and try to ping the server I get:
> 22:35:44.611671 gershwin.aocp.cx > 206.7.114.10: icmp: echo request
>
> but I never see anything back.
>
> If I run tcpdump on the server and ping from the client I'll get a similar
> result. This leads me to believe that a ping from the client is actually
> getting routed through to the server.
>
> And sometimes in the tcpdump on the server I'll see:
> 10:51:11.281146 mozart.aocp.cx > gerswhin.aocp.cx icmp: mozart.aocp.cx upd
> port domain unreachable [tos 0xc0]. aocp.cx is a real domain but it's not
> hosted anywhere.
>
>
> My client IP is 192.168.1.2
> My server IP is 192.168.1.1
>
> On my server in the rc.config file I have:
> IP_FORWARD=yes
> #
> # Masquerading settings - See /usr/doc/packages/firewall
> # for a detailed description
> #
> MSQ_START="yes"
> MSQ_NETWORKS="192.168.0.0/24"
> MSQ_DEV="eth0"
> MSQ_MODULES="ip_masq_cuseeme ip_masq_ftp ip_masq_irc ip_masq_quake
> ip_masq_raudio ip_masq_vdolive"
>
> route -n on the client looks like this:
> Destination Gateway Genmask Flags Metric Ref Use
> Iface
> 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0
> eth0
> 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
>
> route -n on the server looks like:
> Destination Gateway Genmask Flags Metric Ref Use
> Iface
> 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0
> eth0
> 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
>
> Any ideas on what to check would be appreciated.
>
> regs,
> -jrp
>
> --
> To unsubscribe send e-mail to suse-linux-e-unsubscribe@xxxxxxxx
> For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
> Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
--
Michael H. Collins http://www.linuxlink.com
512-656-9508 http://www.xfce.org
*
First, Find out what is in /usr/doc. LinuxFunn!!!!!!!!!
SuSE 6.2...........The Ultimate NT service pack.
--
To unsubscribe send e-mail to suse-linux-e-unsubscribe@xxxxxxxx
For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/
| < Previous | Next > |