Hello Johnny > Check tcpdump while the command "ping -c1 -I 172.16.1.10 > google-public-dns-a.google.com [http://google-public-dns-a.google.com]"; is > being run. You'll see that google-public-dns-a.google.com > [http://google-public-dns-a.google.com] is receiving > a ICMP request from 172.16.1.10. The problem is 172.16.1.10 belongs to a > private network so google doesn't know how to route back to you.
Yeah, that's what I see. From the OP: >> When I bind the ping to the internal IP address >> >> ping -c1 -I 172.16.1.10 google-public-dns-a.google.com >> >> it times out. And you only see ICMP traffic in one direction >> >> tcpdump -i eth0 | grep google-public-dns-a.google.com >> [http://google-public-dns-a.google.com] >> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode >> listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes >> 21:10:41.011189 IP 172.16.1.10 > google-public-dns-a.google.com >> [http://google-public-dns-a.google.com]: ICMP echo request, id 9556, seq 1, >> length 64 only the request. Doing this makes sense now that you describe it. I thought the firewall 'knew' about its own interfaces & IPs and didn't need that. I changed > # /etc/shorewall/masq > eth0 172.16.1.10 and restarted, but after doing that, there's no change in the result. Just the 'request', with no 'reply'. What I'm doing is just step by step getting the simplest things working 1st before I graduate to a full setup. So for now it's just show I can ping to the outside world from each IP address on my host. Dale ____________________________________________________________ FREE ONLINE PHOTOSHARING - Share your photos online with your friends and family! Visit http://www.inbox.com/photosharing to find out more! ------------------------------------------------------------------------------ Infragistics Professional Build stunning WinForms apps today! Reboot your WinForms applications with our WinForms controls. Build a bridge from your legacy apps to the future. http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
