At 09:12 AM 2/7/02 -0800, Greg R wrote: >Thank you Matt & David for you replies. > >Let me see if I can provide some more information for you. > >I do not have any firewall enabled, nor is ipchains installed - the router >is wide open. eth0 is the outside interface - I am sure. From the router I >can ping anything anywhere, by IP and by FQDN.
Oh. If you literally "do not have any firewall enabled" or "ipchains installed", then you do not have NAT (IP Masq) enabled, since it is the forward chain of the ipchains ruleset that handles NAT. As a result, the packets from the LAN (probably) go out just fine, but return packets from off-LAN don't arrive because outside devices (the DSL router itself and the Internet in general) don't know that your router is their route to 192.168.1.0/24 (they don't know this quite properly; "private address" *means* unroutable, requiring NAT to work). To make this setup work, you must install ipchains and, at a bare minimum, add a rule that MASQs the internal network. I've deleted the rest of your message because as you describe your setup, this omission is almost certainly your problem. The easiest solution is to add one of the drop-in firewall packages that David suggested in the e-mail he sent last night. -- ------------------------------------"Never tell me the odds!"--- Ray Olszewski -- Han Solo Palo Alto, CA [EMAIL PROTECTED] ---------------------------------------------------------------- _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
