Omar D. Samuels wrote:
Okay guys, thanks for the response, it's been a while so I guess I forgot that this IS a place for details. Allow me then to start over.Still not a lot in the way of specific details, but I think your problem is in the default ipchains rules, which block private IP traffic on the external interface.
Alright... got the floppy-based Dachstein, did a fresh diskette, stuck it into my 486/DX2, 16MB RAM, with two identical RTL8019 NICs. Now I've used the same hardware before as a gateway on a different network and it worked. This time around I'm trying it at home. I have one of the primewave wireless boxes, that come down into a RJ45 box that I plug the External interface of the box into and get DHCP address 192.168.1.x from 192.168.1.111 DHCP server. The problem is that this is the same subnet being given out on the internal side of the box. I figured that this would cause a problem and started tinkering to change the internal interface subnet to 172.16.0.x/24. I still couldnt ping anything from an internal client machine, however this time whenever I ping a domain name (Eg. www.yahoo.com) it resolves, but after resolving still couldnt ping the IP address resolved. I've tried rebooting of client machine and clearing the history and temp files and pinging domains not previously pinged just to make sure that it was in fact actively resolving domains.
I looked at the IPCHAINS chains and there are a whole bunch of rules loaded in there... as a test I tried going thru the filter file with the rules and changing the deault policy from DENY to ACCEPT for input, forward, output.... I tried adding the internal subnet... as a matter of fact everything to the hosts.allow file (ALL : ALL). I even manually from the command line tried flushing all chains and setting the policies to ACCEPT.
I was also wondering of all the Filter settings (none|router|firewall) which would be a safer bet to get this thing to work?
I hope I did better on the description this time, if anyone has any insight or suggestions, I'd love to hear 'em thanks.
To modify this, edit /etc/ipfilter.conf, and comment out the 192.168.0.0 line from the stopMartians () procedure (near the top of the file).
You'll also need to verify you have correctly changed the internal network numbering in *ALL* required locations. Changing it in /etc/network.conf is enough to keep the low-level networking from being confused, but you probably also need to edit the dhcp server configuration, the dnscache configuration, and there might be some more entries for stuff like weblet hanging around. The command:
"grep 192.168.1 /etc/*" should help you find any odd-ball files you missed.
If you still have problems, send the output of:
net ipfilter list
ip route
ip addr
...along with other appropriate config files (ie dhcp server config if you're having dhcp problems, dnscache config if you're having dns problems, etc), and we'll try to sort things out.
--
Charles Steinkuehler
[EMAIL PROTECTED]
-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
