Ola pessoal, to com um problema em uma maquina que n�o dei conta de resolver,
conto com a ajuda de vcs.
O problema � o seguinte: tenho duas maquinas:
o fire 1 tem duas placas de rede uma na rede local
e uma em um link da internet, essa maquina est� com ip_forward ativo.
ela pinga a rede 192.168.0.0 e pinga normalmente a internet, ele usa o
dns na propria maquina 192.168.0.1
no fire2 tbm tem duas placas de rede uma rede 192.168.0.0 e outra rede
172.16.0.0, eu consigo pingar a rede 192.168.0.0, mas qdo tento pingar qqer
endereco da internet ele resolve o numero do ip, mas naum responde.
o resolv.conf ta configurado para 192.168.0.1.
as outras maquinas (web, mail) so fazem parte da rede 192.168.0.0 e conseguem
pingar a internet normalmente.
abaixo tem o resultado dos comando ifconfig, route, iptables das maquinas.
se alguem tiver alguma solucao...
agrade�o a qqer colaboracao
Reginaldo
maquina: fire1
# ifconfig
eth0 Link encap:Ethernet HWaddr 00:E0:7D:AD:18:B7
inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:88826 errors:0 dropped:0 overruns:0 frame:0
TX packets:86593 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:13969249 (13.3 MiB) TX bytes:61286848 (58.4 MiB)
Interrupt:9 Base address:0xd800
eth1 Link encap:Ethernet HWaddr 00:E0:7D:75:8B:83
inet addr:200.247.X.4 Bcast:200.247.X.255 Mask:255.255.255.128
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:158305 errors:0 dropped:0 overruns:0 frame:0
TX packets:80180 errors:0 dropped:0 overruns:1 carrier:0
collisions:0 txqueuelen:1000
RX bytes:64762786 (61.7 MiB) TX bytes:12284575 (11.7 MiB)
Interrupt:12 Base address:0xda00
eth1:0 Link encap:Ethernet HWaddr 00:E0:7D:75:8B:83
inet addr:200.247.X.2 Bcast:200.247.X.255 Mask:255.255.255.128
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:12 Base address:0xda00
eth1:1 Link encap:Ethernet HWaddr 00:E0:7D:75:8B:83
inet addr:200.247.X.3 Bcast:200.247.X.255 Mask:255.255.255.128
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:12 Base address:0xda00
# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
200.247.X.0 * 255.255.255.128 U 0 0 0 eth1
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
default * 0.0.0.0 U 0 0 0 eth1
# iptables -t nat -nL
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DNAT tcp -- 0.0.0.0/0 200.247.X.2 tcp dpt:25
to:192.168.0.2:25
DNAT tcp -- 0.0.0.0/0 200.247.X.2 tcp dpt:110
to:192.168.0.2:110
DNAT tcp -- 0.0.0.0/0 200.247.X.2 tcp dpt:8090
to:192.168.0.2:8090
DNAT tcp -- 0.0.0.0/0 200.247.X.3 tcp dpt:80
to:192.168.0.3:80
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 192.168.0.0/24 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
m�quina fire2
# ifconfig
eth0 Link encap:Ethernet HWaddr 00:E0:7D:86:E4:69
inet addr:192.168.0.4 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:11248 errors:0 dropped:0 overruns:0 frame:0
TX packets:4113 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1409790 (1.3 MiB) TX bytes:375311 (366.5 KiB)
Interrupt:9 Base address:0xd800
eth1 Link encap:Ethernet HWaddr 00:E0:7D:AD:32:30
inet addr:172.16.0.1 Bcast:172.16.255.255 Mask:255.255.0.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:5578 errors:0 dropped:0 overruns:0 frame:0
TX packets:14594 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:602451 (588.3 KiB) TX bytes:1497825 (1.4 MiB)
Interrupt:12 Base address:0xda00
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:8308 errors:0 dropped:0 overruns:0 frame:0
TX packets:8308 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:932534 (910.6 KiB) TX bytes:932534 (910.6 KiB)
# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
172.16.0.0 * 255.255.0.0 U 0 0 0 eth1
default 172.16.0.1 0.0.0.0 UG 0 0 0 eth1
default 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
# iptables -t nat -nL
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
DROP tcp -- 172.16.0.0/16 0.0.0.0/0 tcp dpt:80
MASQUERADE all -- 172.16.0.0/16 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
# ping -v www.uol.com.br
92 bytes from 172.16.0.1: Destination Host Unreachable
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst Data
4 5 00 5400 0000 0 0040 40 01 87c3 172.16.0.1 200.221.2.51
---------------------------------------------------------------------------
Esta lista � patrocinada pela Conectiva S.A. Visite http://www.conectiva.com.br
Arquivo: http://bazar2.conectiva.com.br/mailman/listinfo/linux-br
Regras de utiliza��o da lista: http://linux-br.conectiva.com.br
FAQ: http://www.zago.eti.br/menu.html
