Hello, experts! My feeling that I have a simple problem, which I cannot solve alone. Would appreciate any help from community.
I have a 3-computer network at home: First Windows workstation: 192.168.1.2/16, gw 192.168.1.1 Second Windows workstation 192.168.2.2/16, gw 192.168.2.1 Linux server/NAT firewall/gateway running Debian Woody 3.0: eth0: 10.0.0.150/24 connected to ADSL modem/router (10.0.0.138) eth1: 192.168.1.1/24 connected to the first workstation eth2: 192.168.2.1/24 connected to the second workstation Gateway output of "netstat -rn": Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 10.0.0.0 0.0.0.0 255.255.255.0 U 40 0 0 eth0 192.168.2.0 0.0.0.0 255.255.255.0 U 40 0 0 eth2 192.168.1.0 0.0.0.0 255.255.255.0 U 40 0 0 eth1 0.0.0.0 10.0.0.138 0.0.0.0 UG 40 0 0 eth0 I am running iptables firewall configured with jay-firewall script. Here some output from "iptables -L" command which related to the home LAN: Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere JAY_LANIN all -- anywhere anywhere JAY_LANIN all -- anywhere anywhere JAY_INETIN all -- anywhere anywhere JAY_LDROP all -- anywhere anywhere Chain FORWARD (policy DROP) target prot opt source destination JAY_FWD_LAN_LAN all -- 192.168.1.0/24 192.168.2.0/24 JAY_FWD_LAN_LAN all -- 192.168.2.0/24 192.168.1.0/24 JAY_FWD_INET_LAN all -- anywhere 192.168.1.0/24 JAY_FWD_INET_LAN all -- anywhere 192.168.2.0/24 JAY_FWD_LAN_INET all -- 192.168.1.0/24 anywhere JAY_FWD_LAN_INET all -- 192.168.2.0/24 anywhere JAY_LDROP all -- anywhere anywhere Chain JAY_FWD_LAN_LAN (2 references) target prot opt source destination ACCEPT all -- anywhere anywhere Now the PROBLEM: My workstations cannot talk to each other! Any one of two workstations can connect to the internet, I can ping every network interface on Linux server from any workstation, but when I am trying to ping between them, there is no answer. Traffic sniffer shows that there is no answer to arp requests sent from workstations. The arp table on the gateway includes arp entries for both workstations during that test. The question: What is wrong and where? Is my routing table wrong or the problem is in iptables configuration? Many thanks to everyone who will help. Konstantin. --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.487 / Virus Database: 286 - Release Date: 6/1/2003 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]