Re: routing zwischen 2 subnetzen

10 Aug 2008


      Hallo,

Am Sonntag, 10. August 2008 13:57:42 schrieb Sandy Drobic:
...
Günter Ohmer wrote:
...
Hallo liebe Liste,
ich habe einen Router (Name=basar) mit SuSE 11.0 aufgesetzt mit 3
Subnetzen aufgesetzt. (routing table siehe unten).
warum geht der ping zwischen
192.168.1.2 und 192.168.3.198 nicht?
Vermutlich ein iptables-Problem. Was sagt denn "iptables -L"?
--
Sandy
Antworten bitte nur in die Mailingliste!
PMs bitte an: news-reply2 (@) japantest (.) homelinux (.) com
Das ist ein bißchen länglich, aber wenn man weiß wo man hinschauen muss .. :-)
==============================================================
basar:~ # iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere            state ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere            state RELATED
input_int  all  --  anywhere             anywhere
input_int  all  --  anywhere             anywhere
input_int  all  --  anywhere             anywhere
input_ext  all  --  anywhere             anywhere
input_ext  all  --  anywhere             anywhere
LOG        all  --  anywhere             anywhere            limit: avg 3/min 
burst 5 LOG level warning tcp-options ip-options prefix `SFW2-IN-ILL-TARGET '
DROP       all  --  anywhere             anywhere
Chain FORWARD (policy DROP)
target     prot opt source               destination
TCPMSS     tcp  --  anywhere             anywhere            tcp 
flags:SYN,RST/SYN TCPMSS clamp to PMTU
forward_int  all  --  anywhere             anywhere
forward_int  all  --  anywhere             anywhere
forward_int  all  --  anywhere             anywhere
forward_ext  all  --  anywhere             anywhere
LOG        all  --  anywhere             anywhere            limit: avg 3/min 
burst 5 LOG level warning tcp-options ip-options prefix 
`SFW2-FWD-ILL-ROUTING '
DROP       all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere            state 
NEW,RELATED,ESTABLISHED
LOG        all  --  anywhere             anywhere            limit: avg 3/min 
burst 5 LOG level warning tcp-options ip-options prefix `SFW2-OUT-ERROR '

Chain forward_ext (1 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere            state 
RELATED,ESTABLISHED icmp echo-reply
ACCEPT     icmp --  anywhere             anywhere            state 
RELATED,ESTABLISHED icmp destination-unreachable
ACCEPT     icmp --  anywhere             anywhere            state 
RELATED,ESTABLISHED icmp time-exceeded
ACCEPT     icmp --  anywhere             anywhere            state 
RELATED,ESTABLISHED icmp parameter-problem
ACCEPT     icmp --  anywhere             anywhere            state 
RELATED,ESTABLISHED icmp timestamp-reply
ACCEPT     icmp --  anywhere             anywhere            state 
RELATED,ESTABLISHED icmp address-mask-reply
ACCEPT     icmp --  anywhere             anywhere            state 
RELATED,ESTABLISHED icmp protocol-unreachable
ACCEPT     icmp --  anywhere             anywhere            state 
RELATED,ESTABLISHED icmp redirect
ACCEPT     all  --  anywhere             anywhere            state 
RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            state 
RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            state 
RELATED,ESTABLISHED
LOG        all  --  anywhere             anywhere            limit: avg 3/min 
burst 5 PKTTYPE = multicast LOG level warning tcp-options ip-options prefix 
`SFW2-FWDext-DROP-DEFLT '
DROP       all  --  anywhere             anywhere            PKTTYPE = 
multicast
LOG        tcp  --  anywhere             anywhere            limit: avg 3/min 
burst 5 tcp flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options 
ip-options prefix `SFW2-FWDext-DROP-DEFLT '
LOG        icmp --  anywhere             anywhere            limit: avg 3/min 
burst 5 LOG level warning tcp-options ip-options prefix 
`SFW2-FWDext-DROP-DEFLT '
LOG        udp  --  anywhere             anywhere            limit: avg 3/min 
burst 5 LOG level warning tcp-options ip-options prefix 
`SFW2-FWDext-DROP-DEFLT '
LOG        all  --  anywhere             anywhere            limit: avg 3/min 
burst 5 state INVALID LOG level warning tcp-options ip-options prefix 
`SFW2-FWDext-DROP-DEFLT-INV '
DROP       all  --  anywhere             anywhereChain forward_int (3 
references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere            state 
RELATED,ESTABLISHED icmp echo-reply
ACCEPT     icmp --  anywhere             anywhere            state 
RELATED,ESTABLISHED icmp destination-unreachable
ACCEPT     icmp --  anywhere             anywhere            state 
RELATED,ESTABLISHED icmp time-exceeded
ACCEPT     icmp --  anywhere             anywhere            state 
RELATED,ESTABLISHED icmp parameter-problem
ACCEPT     icmp --  anywhere             anywhere            state 
RELATED,ESTABLISHED icmp timestamp-reply
ACCEPT     icmp --  anywhere             anywhere            state 
RELATED,ESTABLISHED icmp address-mask-reply
ACCEPT     icmp --  anywhere             anywhere            state 
RELATED,ESTABLISHED icmp protocol-unreachable
ACCEPT     icmp --  anywhere             anywhere            state 
RELATED,ESTABLISHED icmp redirect
ACCEPT     all  --  anywhere             anywhere            state 
NEW,RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            state 
NEW,RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            state 
NEW,RELATED,ESTABLISHED
LOG        all  --  anywhere             anywhere            limit: avg 3/min 
burst 5 PKTTYPE = multicast LOG level warning tcp-options ip-options prefix 
`SFW2-FWDint-DROP-DEFLT '
DROP       all  --  anywhere             anywhere            PKTTYPE = 
multicast
LOG        tcp  --  anywhere             anywhere            limit: avg 3/min 
burst 5 tcp flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options 
ip-options prefix `SFW2-FWDint-DROP-DEFLT '
LOG        icmp --  anywhere             anywhere            limit: avg 3/min 
burst 5 LOG level warning tcp-options ip-options prefix 
`SFW2-FWDint-DROP-DEFLT '
LOG        udp  --  anywhere             anywhere            limit: avg 3/min 
burst 5 LOG level warning tcp-options ip-options prefix 
`SFW2-FWDint-DROP-DEFLT '
LOG        all  --  anywhere             anywhere            limit: avg 3/min 
burst 5 state INVALID LOG level warning tcp-options ip-options prefix 
`SFW2-FWDint-DROP-DEFLT-INV '
reject_func  all  --  anywhere             anywhere

Chain input_ext (2 references)
target     prot opt source               destination
DROP       all  --  anywhere             anywhere            PKTTYPE = 
broadcast
ACCEPT     icmp --  anywhere             anywhere            icmp 
source-quench
ACCEPT     icmp --  anywhere             anywhere            icmp echo-request
LOG        all  --  anywhere             anywhere            limit: avg 3/min 
burst 5 PKTTYPE = multicast LOG level warning tcp-options ip-options prefix 
`SFW2-INext-DROP-DEFLT '
DROP       all  --  anywhere             anywhere            PKTTYPE = 
multicast
LOG        tcp  --  anywhere             anywhere            limit: avg 3/min 
burst 5 tcp flags:FIN,SYN,RST,ACK/SYN LOG level warning tcp-options 
ip-options prefix `SFW2-INext-DROP-DEFLT '
LOG        icmp --  anywhere             anywhere            limit: avg 3/min 
burst 5 LOG level warning tcp-options ip-options prefix 
`SFW2-INext-DROP-DEFLT '
LOG        udp  --  anywhere             anywhere            limit: avg 3/min 
burst 5 LOG level warning tcp-options ip-options prefix 
`SFW2-INext-DROP-DEFLT '
LOG        all  --  anywhere             anywhere            limit: avg 3/min 
burst 5 state INVALID LOG level warning tcp-options ip-options prefix 
`SFW2-INext-DROP-DEFLT-INV '
DROP       all  --  anywhere             anywhere

Chain input_int (3 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

Chain reject_func (1 references)
target     prot opt source               destination
REJECT     tcp  --  anywhere             anywhere            reject-with 
tcp-reset
REJECT     udp  --  anywhere             anywhere            reject-with 
icmp-port-unreachable
REJECT     all  --  anywhere             anywhere            reject-with 
icmp-proto-unreachable
basar:~ #

Viele Grüße
Günter Ohmer

-- 
Guenter Ohmer
Jahnstrasse 24
D 76865 Rohrbach
mailto:guenter.ohmer@gmx.de

-- 
Um die Liste abzubestellen, schicken Sie eine Mail an:
    opensuse-de+unsubscribe@opensuse.org
Um eine Liste aller verfuegbaren Kommandos zu bekommen, schicken
Sie eine Mail an: opensuse-de+help@opensuse.org