Pierfrancesco Caci wrote:
> I'm trying to set up masquerading. I have this configuration:
>
>
> Linux box, called penny, ip=xxx.241 on interfaces ax0 and eth0
> ip=xxx.244 on interface sl0
>
> Dos box, called tippete, ip=xxx.243 connected to penny's sl0
>
> Linux box, called kim, ip=xxx.242, connected to penny's eth0
>
> I have the whole subnet from 240 to 247
>
> I have been able to make tippete talk to penny's sl0 (ping and telnet work)
> but I can't have it communicate with any other ip address on the net.
> I've seen "ICMP Unreachable port" replies coming on the dos box,
> whenever I attempt a connection to the other machines.
> From kim, when telnetting tippete, I get "No route to host"
>
> The whole network worked perfectly before I started messing up with
> ipchains. I mean, if I don't load ipchains at all (commenting out the
> appropriate startup file) the network works, obviously without
> masquerading.
Then your routing appears to be OK.
> Are there any special rules for forwarding? I've tried this without
> success:
>
> ipchains -A forward -j ACCEPT -b -s tippete
First, you need to check that forwarding is enabled, with
cat /proc/sys/net/ipv4/ip_forward
> Also, where can I find some extensive docs about ipchains, possibly
> with some examples? the IP masquerading mini howto talks only about
> ipfwadm
Virtually every ipfwadm command has an equivalent ipchains command.
You just need to learn the translation.
--
Glynn Clements <[EMAIL PROTECTED]>
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
