On Tue, 2005-05-03 at 10:05 -0500, Matt Zagrabelny wrote:
> hello,
>
> simple firewall problem:
>
> 1 external nic (eth0)
> 1 internal nic (eth1)
>
> i do not need to do any snat or masquerading, i am just looking to
> forward the traffic from the internal to the external.
>
> so far:
>
> # echo 1 > /proc/sys/net/ipv4/ip_forward
<snip>
> i have a client that is configured (via next hop routing) to have its
> traffic sent to the internal interface on the firewall box.
> tcpdump shows traffic getting to the internal interface, but not the
> external. any thoughts?

spoof protection on eth1 was the culprit.

echo 0 > /proc/sys/net/ipv4/conf/eth1/rp_filter

-matt zagrabelny
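
Added example, not part of the original thread: a read-only check that reports forwarding and reverse-path filtering state per interface, which is the setting behind the drop described above. It assumes a current Linux kernel, where the effective value for an interface is the larger of conf/all and conf/<iface> and mode 2 is loose filtering; the function names and the demo tree are constructed for illustration.

```shell
#!/bin/sh
# Report ip_forward and the effective rp_filter mode for every interface.
# The root defaults to the live sysctl tree; a constructed tree can be passed.

# Effective rp_filter for an interface: max(conf/all, conf/<iface>).
effective_rp_filter() {
    e_root=$1
    e_if=$2
    e_all=$(cat "$e_root/conf/all/rp_filter" 2>/dev/null || echo 0)
    e_own=$(cat "$e_root/conf/$e_if/rp_filter" 2>/dev/null || echo 0)
    if [ "$e_all" -gt "$e_own" ]; then echo "$e_all"; else echo "$e_own"; fi
}

rp_mode_name() {
    case $1 in
        0) echo off ;;      # no source validation
        1) echo strict ;;   # reply route must use the receiving interface
        2) echo loose ;;    # source must be reachable via any interface
        *) echo unknown ;;
    esac
}

rp_filter_report() {
    r_root=${1:-/proc/sys/net/ipv4}
    echo "ip_forward=$(cat "$r_root/ip_forward" 2>/dev/null || echo '?')"
    for r_dir in "$r_root"/conf/*/; do
        [ -d "$r_dir" ] || continue
        r_if=$(basename "$r_dir")
        case $r_if in all|default) continue ;; esac
        r_eff=$(effective_rp_filter "$r_root" "$r_if")
        echo "$r_if rp_filter=$r_eff ($(rp_mode_name "$r_eff"))"
    done
}

# Constructed tree mirroring the thread: forwarding on, strict filter on eth1.
demo_tree() {
    d=$(mktemp -d)
    mkdir -p "$d/conf/all" "$d/conf/eth0" "$d/conf/eth1"
    echo 1 > "$d/ip_forward"
    echo 0 > "$d/conf/all/rp_filter"
    echo 0 > "$d/conf/eth0/rp_filter"
    echo 1 > "$d/conf/eth1/rp_filter"
    echo "$d"
}

tree=$(demo_tree)
rp_filter_report "$tree"
rm -rf "$tree"
```

Calling `rp_filter_report` with no argument reads the live values under /proc/sys/net/ipv4.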