On 11/16/2005 11:11 AM, Peter A. Taylor wrote:
On Tuesday 15 November 2005 19:36, Darryl Gregorash wrote:
I'm even more confused:
Nov 15 09:05:49 athena kernel: SFW2-FWDint-DROP-DEFLT IN=eth0 OUT=modem0 SRC=192.168.2.20 DST=64.243.71.82 LEN=73 TOS=0x00 PREC=0x00 TTL=127 ID=33119 PROTO=UDP SPT=1027 DPT=53 LEN=53
This is a DNS lookup from "isis" that was just dropped, yet you say your wife is able to resolve hostnames.
"isis" runs Windows XP Home Edition. Perhaps it caches recently used domain name data? It also has a modem, which she can't use when I'm online.
OK, that might be the reason she can resolve the ISP's ftp server, but it doesn't explain why her network traffic is being dropped. Note also that name caching is only temporary, and if your internal network was a permanent fixture (i.e. if she had no modem of her own), I am pretty sure she would be unable to resolve any hostnames.
Output from SuSE 10.0, online, "iptables -L -n":
Mea culpa; there are actually 3 independent tables in the firewall (filter, nat and mangle), and the command as I gave it to you only gives the state of the "filter" table. All the masquerading rules are in the "nat" table.
Perhaps we really need to be looking at the raw rules anyway, for which there is the "iptables-save" command. Each line of the output is essentially the parameters of a single "iptables" command line as the firewall script created it. Just run "iptables-save" as root, with no parameters, and post the results. This command outputs all three of the tables by default.
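An added example, not part of the original message: a small parser for "iptables-save" output that splits the dump into its three tables, then ties the log line quoted above to the LOG rule that produced it and checks whether its OUT interface is masqueraded in the "nat" table. The rule dump, the chain name forward_int and the function names are constructed assumptions, not the poster's actual rules.

```python
import shlex
# SAMPLE_DUMP is constructed (not the poster's rules); LOG_LINE is quoted in the thread.
SAMPLE_DUMP = '''\
*mangle
COMMIT
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o modem0 -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
:forward_int - [0:0]
-A FORWARD -i eth0 -j forward_int
-A forward_int -j LOG --log-prefix "SFW2-FWDint-DROP-DEFLT "
-A forward_int -j DROP
COMMIT
'''
LOG_LINE = ("SFW2-FWDint-DROP-DEFLT IN=eth0 OUT=modem0 SRC=192.168.2.20 DST=64.243.71.82 LEN=73 "
            "TOS=0x00 PREC=0x00 TTL=127 ID=33119 PROTO=UDP SPT=1027 DPT=53 LEN=53")

def parse_iptables_save(text):
    """Return {table: {"policies": {chain: policy}, "rules": [argv, ...]}}."""
    tables, cur = {}, None
    for line in map(str.strip, text.splitlines()):
        if not line or line.startswith("#"):
            continue
        if line.startswith("*"):            # "*nat" opens a table
            cur = tables.setdefault(line[1:], {"policies": {}, "rules": []})
        elif line == "COMMIT":              # closes the current table
            cur = None
        elif cur is None:
            raise ValueError(f"rule outside any table: {line!r}")
        elif line.startswith(":"):          # ":FORWARD DROP [0:0]" = chain and policy
            chain, policy = line[1:].split()[:2]
            cur["policies"][chain] = policy
        else:                               # "-A CHAIN ...": one iptables command line
            cur["rules"].append(shlex.split(line))
    return tables

def opt(argv, flag):
    return argv[argv.index(flag) + 1] if flag in argv else None

def explain_drop(tables, log_line):
    """Find the LOG rule behind a log line; check NAT on the packet's OUT interface."""
    out_if = dict(f.split("=", 1) for f in log_line.split() if "=" in f)["OUT"]
    logged_by = [(t, opt(a, "-A")) for t, tbl in tables.items() for a in tbl["rules"]
                 if opt(a, "--log-prefix") and log_line.startswith(opt(a, "--log-prefix"))]
    masq = any(opt(a, "-j") == "MASQUERADE" and opt(a, "-o") == out_if
               for a in tables.get("nat", {"rules": []})["rules"])
    return {"logged_by": logged_by, "out_masqueraded": masq}
```

On a real system the input would be the text printed by "iptables-save" run as root; in this constructed dump the masquerade rule is present, so the drop comes from the "filter" table's forwarding chain rather than from missing NAT.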