Thanks a lot for your sensible answer. Unfortunately I can't disconnect it right now because my brother is playing Dark Age of Camelot. Instead I opened two ssh sessions and typed:
# tcpdump -i eth0 > /var/tmp/tcpdump I then killed tcpdump and ran: # grep -v [regex*] /var/tmp/tcpdump | grep -v 'arp' * = matches IPs of DAoC servers This produced no output. This establishes a baseline for what is going through eth0 (ext ifc) on the router -- just DAoC stuff and arp chatter on the cable segment. Then I restarted the tcpdump log, and from a machine on the LAN, I telnetted somewhere. The telnet session showed up in the output of tcpdump. Then I tried telnetting from the ssh session on the router itself. This produced NO output from tcpdump. :o( Now to make sure it's not the firewall. Telnetting from the router should involve only the OUTPUT and INPUT chains, right? I typed the following: # iptables -P INPUT ACCEPT # iptables -F INPUT # iptables -P OUTPUT ACCEPT # iptables -F OUTPUT ...and repeated the above test, starting tcpdump logging in one ssh session and telnet in the other. Again, NO telnet output from tcpdump! I am inexperienced with RedHat, having always used Mandrake, and no guru with Linux by any means. Could there be some other firewall in effect besides iptables? Should I check my hosts.{allow,deny}? Do you need to be in a certain group to access the network? I can't even telnet out as root. Big "WTF" here... Krum On Sun, 2003-02-16 at 18:12, nate wrote: > Kevin Krumwiede said: > > > But *routing* of packets continues to work just fine! So it can't be a > > problem with the routing table, right? > > I assume your workin with this machine from the console? if you can > get on the real console(e.g. keyboard, not serial) login on 2 terminals, > disconnect the internal network interface, run tcpdump -i eth0 if that > is the external interface on 1 terminal and ping/traceroute(IP address) > from the other, try the default gateway first of course. > > then reverse, unplug the external and plug in the internal(this is the > easy way to be sure tcpdump is only gathering packets generated from > your actions not that of others on the network). > > also turn on logging for any/all your firewall rules. that may give > some clues too. > > nate > > > > > > -- > redhat-list mailing list > unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe > https://listman.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list