Mailinglist Archive: opensuse-security (499 mails)

< Previous Next >
AW: [suse-security] Firewall Routing/Forwarding Problem
  • From: "Klingler, Karl" <Karl.Klingler@xxxxxxxxxxx>
  • Date: Wed, 5 Jun 2002 15:00:49 +0200
  • Message-id: <F7643F987720C34AAF69B5B4DB749E9F0CB724@xxxxxxxxxxxxxxxxxxxx>
Hi,

should not the default gateway of your webserver be 62.245.134.144
instead of 62.245.134.146?

karl

> -----Urspr√ľngliche Nachricht-----
> Von: Robert Szentmihalyi [mailto:robert.szentmihalyi@xxxxxxxxxxx]
> Gesendet: Mittwoch, 5. Juni 2002 14:50
> An: suse-security@xxxxxxxx
> Betreff: [suse-security] Firewall Routing/Forwarding Problem
>
>
> Hi,
>
> I have a strange problem which I have been debugging
> unsuccessfully for two days now. Perhaps one of you can help.
>
> We have a web server (SuSE Linux 7.3) behind a firewall
> (SuSE Linux 7.1) with iptables filtering rules.
>
> The firewall's NICs are configured as follows:
>
> eth0 62.245.134.130 netmask 255.255.255.240
> connected directly to the web server via a cross-over cable
> eth1 62.245.134.146 netmask 255.255.255.240
> connected to the internet
>
> route -n tells
>
> Destination Gateway Genmask Flags Metric Ref Use Iface
> 62.245.134.128 0.0.0.0 255.255.255.240 U
> 0 0 0 eth1
> 62.245.134.144 0.0.0.0 255.255.255.240 U
> 0 0 0 eth0
> 0.0.0.0 62.245.134.129 0.0.0.0 UG
> 0 0 0 eth1
>
>
> 62.245.134.129 is the gateway IP address assigned to us by the ISP.
>
> The web servers NIC is configured as
> eth0 62.245.134.145 netmask 255.255.255.240
>
> and the routing table looks like this:
> Destination Gateway Genmask Flags Metric Ref Use Iface
> 62.245.134.144 0.0.0.0 255.255.255.240 U
> 0 0 0 eth0
> 62.245.134.144 0.0.0.0 255.255.255.240 U
> 0 0 0 eth0
> 0.0.0.0 62.245.134.146 0.0.0.0 UG
> 0 0 0 eth0
>
> The problem is that the web server is not reachable on from
> the other side of the firewall although IP forwarding is
> activeated on the firewall.
>
> I don't think the problem is related to the filtering rules,
> but I can post the script if neccessary.
>
> Am I missing something?
> Do I have to configure the firewall as an ethernet bridge for
> this to work?
>
> Any hint is appreciated.
> Thanks,
> Robert
>
> --
> Where do you want to be tomorrow?
>
> Entracom. Building Linux systems.
> http://www.entracom.de
>
> --
> To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here
>

< Previous Next >
Follow Ups