Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Thomas Dukes
_ From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of cliff here Sent: Monday, July 05, 2010 10:56 PM To: CentOS mailing list Subject: Re: [CentOS] DNS or firewall problem yea that needs to be a 1 Thanks, I'll give that a try

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Timothy Murphy
cliff here wrote: net.ipv4.conf.ip_forward = 0 ?? change to = 1 ?? yea that needs to be a 1 That cannot be mandatory, as I have a 0 there and do not have the OP's problem. As I mentioned, the default in shorewall is that loc to $FW, ie connection from machines on the local LAN to server,

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Chan Chung Hang Christopher
Are you running a proxy for http? It would be rather surprising that internal machines can access the Internet without forwarding turned on otherwise. When you say internal machines cannot access your server, are they connecting to it via the local interface's ip or the Internet ip?

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread cliff here
Well if you want the kernel to route IPV4 traffic, then yes it has to be 1 On 7/6/10, Timothy Murphy gayle...@eircom.net wrote: cliff here wrote: net.ipv4.conf.ip_forward = 0 ?? change to = 1 ?? yea that needs to be a 1 That cannot be mandatory, as I have a 0 there and do not have the

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Basil Kurian
echo 1 /proc/sys/net/ipv4/ip_forward On 6 July 2010 21:17, Basil Kurian basilkur...@gmail.com wrote: enable ipv4_forwarding in /etc/sysctl.conf # service iptables start # iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE eth0 is the interface connected to modem. On 6 July 2010

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Basil Kurian
enable ipv4_forwarding in /etc/sysctl.conf # service iptables start # iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE eth0 is the interface connected to modem. On 6 July 2010 04:30, Thomas Dukes tdu...@sc.rr.com wrote: Been working this for over a month now and I'm stumped.

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Timothy Murphy
cliff here wrote: Well if you want the kernel to route IPV4 traffic, then yes it has to be 1 net.ipv4.conf.ip_forward = 0 ?? change to = 1 ?? yea that needs to be a 1 That cannot be mandatory, as I have a 0 there and do not have the OP's problem. You've changed the question. The OP

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Dominik Zyla
On Tue, Jul 06, 2010 at 09:19:41PM +0100, Timothy Murphy wrote: cliff here wrote: Well if you want the kernel to route IPV4 traffic, then yes it has to be 1 net.ipv4.conf.ip_forward = 0 ?? change to = 1 ?? yea that needs to be a 1 That cannot be mandatory, as I have a 0

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Thomas Dukes
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Chan Chung Hang Christopher Sent: Tuesday, July 06, 2010 9:28 AM To: centos@centos.org Subject: Re: [CentOS] DNS or firewall problem Are you running a proxy for http

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Timothy Murphy
Dominik Zyla wrote: Are you saying you must have the setting you mention in /etc/sysctl.conf ? That cannot be true, as I can access my server and I don't have your entry. Check your iptables rules. Maybe there are no INPUT rules to access your gateway via internal nic. I don't see the

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Christopher Chan
# Firewall configuration written by system-config-securitylevel # Manual customization of this file is not recommended. ugh...fwbuilder crap...oh well. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :RH-Firewall-1-INPUT - [0:0] -A INPUT -j RH-Firewall-1-INPUT

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Thomas Dukes
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Christopher Chan Sent: Tuesday, July 06, 2010 9:13 PM To: centos@centos.org Subject: Re: [CentOS] DNS or firewall problem # Firewall configuration written by system-config

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Christopher Chan
Hmm...you do not appear to have a blanket accept for your internal interface. What services are supposed to be open to the internal lan? Really just intersted in web, ftp and maybe samba Well, the rules do accept connections for them three so no problem here. Not really relying on my

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Thomas Dukes
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Christopher Chan Sent: Tuesday, July 06, 2010 10:31 PM To: centos@centos.org Subject: Re: [CentOS] DNS or firewall problem Hmm...you do not appear to have a blanket accept

Re: [CentOS] DNS or firewall problem

2010-07-06 Thread Christopher Chan
I have most services turned off but can activate them , remotely, from webmin if I need ssh or ftp. Well, I guess you first need to allow connections to webmin (from INSIDE - even if you are absolutely certain no one can guess your password) unless you are only going to do it from the

[CentOS] DNS or firewall problem

2010-07-05 Thread Thomas Dukes
Been working this for over a month now and I'm stumped. Everything was working until the 'crash'. Backup was no good so I did a fresh install of centos 5.5. Trying to get things back like they were but its been a really long time since I had to set things up from scratch, Redhat 2.0. My centos

Re: [CentOS] DNS or firewall problem

2010-07-05 Thread Cliff
Do u have ipv4 forwarding on in your /etc/syscttl Sent from my iPhone On Jul 5, 2010, at 7:00 PM, Thomas Dukes tdu...@sc.rr.com wrote: Been working this for over a month now and I'm stumped. Everything was working until the 'crash'. Backup was no good so I did a fresh install of centos

Re: [CentOS] DNS or firewall problem

2010-07-05 Thread Thomas Dukes
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Cliff Sent: Monday, July 05, 2010 8:05 PM To: CentOS mailing list Subject: Re: [CentOS] DNS or firewall problem Do u have ipv4 forwarding on in your /etc/syscttl Sent from my

Re: [CentOS] DNS or firewall problem

2010-07-05 Thread Christopher Chan
On Tuesday, July 06, 2010 08:12 AM, Thomas Dukes wrote: -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Cliff Sent: Monday, July 05, 2010 8:05 PM To: CentOS mailing list Subject: Re: [CentOS] DNS or firewall problem Do u have

Re: [CentOS] DNS or firewall problem

2010-07-05 Thread Timothy Murphy
Thomas Dukes wrote: Do u have ipv4 forwarding on in your /etc/syscttl Uhhh, in /etc/sysctl.conf, net.ipv4.conf.ip_forward = 0 ?? change to = 1 ?? I have more or less the same setup as you, and I have net.ipv4.conf.ip_forward = 0 in /etc/sysctl like you, but I have no problem

Re: [CentOS] DNS or firewall problem

2010-07-05 Thread Thomas Dukes
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Christopher Chan Sent: Monday, July 05, 2010 8:42 PM To: centos@centos.org Subject: Re: [CentOS] DNS or firewall problem On Tuesday, July 06, 2010 08:12 AM, Thomas Dukes wrote

Re: [CentOS] DNS or firewall problem

2010-07-05 Thread Thomas Dukes
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Timothy Murphy Sent: Monday, July 05, 2010 10:11 PM To: centos@centos.org Subject: Re: [CentOS] DNS or firewall problem Thomas Dukes wrote: Do u have ipv4 forwarding

Re: [CentOS] DNS or firewall problem

2010-07-05 Thread cliff here
: [CentOS] DNS or firewall problem Do u have ipv4 forwarding on in your /etc/syscttl Sent from my iPhone Uhhh, in /etc/sysctl.conf, net.ipv4.conf.ip_forward = 0 ?? change to = 1 ?? --Eddie On Jul 5, 2010, at 7:00 PM, Thomas Dukes tdu...@sc.rr.com wrote: Been working