Benoit POSTE wrote:
I just leafed through the archives, but couldn't seem to find anything that would help me (maybe I used the wrong keywords ... dunnow). Anyhow, here I am with my questions. I have an old box (P100, RAM 16Mb, HD 500Mb) on which I just installed Suse 7.0 (no graphic as you can imagine, HD space is tight enough as it is). I plan to use it as a router/gateway(and /firewall as soon as I can get the routing work) for one or two Win98/Linux boxes. Status for now is: - "router" (192.168.0.1) connects correctly to the internet (cable modem, DHCP) and I can use irc or browse with lynx. - "router" can see (ping) the win98 box. - win98 (192.168.0.2) box can see (ping) the router. - slight boot error with the NFS daemon, but I do not plan to use NFS for now so it should be OK. And that's about it. I recompiled the kernel (not sure this was needed, but thus I could get rid of a lot of unneeded options) to make sure that I had the right network options (networking support, networking firewalls, TCP/IP networking, IP: forwarding/gatewaying, IP: firewalling, IP: masquerading, IP: ipautofwmasquerade support, IP: ICMP masquerating, IP: always defragment, IP: optimize as router not host ... hope I got them all). I tried either rc.config, IP_FORWARD="yes" then SuSEconfig, or what I had found in a howto somewhere (can't remember where exactly): echo "1" > /proc/sys/net/ipv4/ip_forward; ipchains -P forward DENY; ipchains -A forward -s 192.168.0.0/24 -j MASQ ... the end result is always the same: the win98 box cannot acces internet (no ping, no ftp, no http, no irc). Any pointers/ideas? Do you think that the problem is on the Linux box or on the win98 one? TCP/IP config of the win98 box perhaps? (IP address 192.169.0.2, network mask 255.255.255.0, DNS and gateway 192.168.0.1)
It's nice to have a clear, thorough description for once ;-) First (perhaps obvious) question is: is DNS actually running on the router? For testing purposes *only*, use the following commands once you've booted up the router: echo 1 > /proc/sys/net/ipv4/ip_forward ipchains -P input ACCEPT ipchains -P forward MASQ ipchains -P output ACCEPT This will allowing anything and everything... Try again with this configuration of the router. If this still doesn't work, blame Windows. Do a 'route print' on the Windows box. This should produce something like: 0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.2 You could also try to ping 216.239.35.100 (google.lb.google.com) to see if it's a DNS problem. Let me know how you get on, Chris -- __ _ -o)/ / (_)__ __ ____ __ Chris Reeves /\\ /__/ / _ \/ // /\ \/ / ICQ# 22219005 _\_v __/_/_//_/\_,_/ /_/\_\