RE: More Firewall Problems

Wed, 24 Jan 2001 12:57:17 -0800 

Just realized that.
IP fowarding has been turned on and I still cannot reach the internet.


> -----Original Message-----
> From: John MacLean [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, January 24, 2001 3:07 PM
> To: '[EMAIL PROTECTED]'
> Subject: RE: More Firewall Problems
> 
> 
> > -----Original Message-----
> > From: Tanner, Robby [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, January 24, 2001 1:49 PM
> > To: 'Linux (LOSURS Q&A)'; '[EMAIL PROTECTED]'; 'Linux Group
> > (Saskatoon)'
> > Cc: 'Andrew Allsopp'; '[EMAIL PROTECTED]'
> > Subject: More Firewall Problems
> > 
> > 
> > To recap: 
> > I have a P-75 with RH6.0 running IPCHAINS and SQUID.
> > I am trying to get some simple routing up.
> > 
> > The adapters are configured as follows:
> > 
> > (Internet) External Card: 24.68.176.193 (gateway 24.68.176.1)
> > (LAN) Internal Card: 204.112.40.3
> > 
> > I have an NT workstation with it's default gateway set to 
> > 204.112.40.3.
> > 
> > >From the firewall I can ping the LAN and anything on the web.
> > >From the workstation I can ping both adapters of the 
> > firewall (should I be
> > able to???).
> > 
> > I have ip fowarding turned off and my routing table is:
> > 
> > Destination     Gateway         Genmask         Flags Metric 
> > Ref    Use
> > Iface
> > 24.68.176.193   *               255.255.255.255 UH    0      
> > 0        0 eth0
> > 204.112.40.3    *               255.255.255.255 UH    0      
> > 0        0 eth1
> > 204.112.40.0    *               255.255.255.0   U     0      
> > 0        0 eth1
> > 24.68.176.0     *               255.255.255.0   U     0      
> > 0        0 eth0
> > 127.0.0.0       *               255.0.0.0       U     0      
> > 0        0 lo
> > default         24.68.176.1     0.0.0.0         UG    1      
> > 0        0 eth0
> > 
> > 
> > My ipchains is (so far) configured as:
> > 
> > Chain input (policy ACCEPT):
> > Chain forward (policy ACCEPT):
> > Chain output (policy ACCEPT):
> > 
> > I am unable, however, to ping the default gateway for the 
> > external card
> > (24.68.176.1) or reach any part of the internet from any 
> > computer other than
> > the firewall.
> 
> If you turn off ip forwarding, you won't be able use IP 
> masquerading. Your
> firewall is simply dropping all these packets it is 
> receiving, since they
> aren't addressed to one of 127.0.0.0/24.68.176.193/204.112.40.3
> 
> John
> 
> 
> 
> _______________________________________________
> Redhat-list mailing list
> [EMAIL PROTECTED]
> https://listman.redhat.com/mailman/listinfo/redhat-list
> 



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

Reply via email to