Le Dimanche 4 Août 2002 18:43, John Desmond a écrit :
> I hope you can help me. I've been using ESb4 and its
> predecessors for about two years and decided it's time
> to upgrade to a more modern LEAF. I downloaded Bering
> V1.0-rc3 and documentation and made the suggested
> changes for my particular situation: several
> workstations behind LEAF, which is handling the pppoe
> connection to the ISP through the ADSL modem. No port
> forwarding going on. The pppoe link came up without a
> hitch but packet forwarding is not working.
>
> Symptoms:
> 1. I can ping the firewall from a workstation and can
> browse the weblet (nice improvements there, BTW).
> 2. I can ping the workstations and external sites from
> the firewall.
> 3. I *can't* ping ("unreachable destination") external
> sites by IP from the workstations through the
> firewall. It also causes a reject in the logs. See
> excerpt from logs below.
> 4. I *can't* ping (long delay and eventual "unknown
> host xxxxxxx") an external site by name. It also
> causes a flurry of rejects in the logs as dnscache
> tries to hit the root nameservers (which seems at odds
> with #2, above). See excerpt from logs below.Your ppp interface does not seem declared in your shorewall interface file > ============================================= > Shorewall configuration data > > --------------------------------------------- > /etc/shorewall/shorewall.conf: (most comments deleted) > > > CLAMPMSS="No" should probably set to Yes > ------------------------------------------------ > /etc/shorewall/interfaces > #ZONE INTERFACE BROADCAST OPTIONS > #net eth0 detect dhcp,routefilter,norfc1918 > net eth0 detect routefilter,norfc1918 > loc eth1 detect routestopped > >From the doc: http://leaf.sourceforge.net/devel/jnilo/bupppoe.html#AEN361 should probably look like: #ZONE INTERFACE BROADCAST OPTIONS net ppp0 - routefilter loc eth1 detect routestopped #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE How your /etc/network/interfaces looks like ? http://leaf.sourceforge.net/devel/jnilo/bupppoe.html#AEN341 Jacques ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
