/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! /* ALSO: Don't quote this header. It makes you look lame :-) */ [EMAIL PROTECTED] wrote: > Thans Raf and Candor for replying, > > The firewall file did have 1 echoed to ip_forward, ip_always_defrag and > ip_dynaddr files. The actual file: > http://www.ithaca.edu/soria/rc-firewall.html > > I tried the echo 1 > .... comands with and without "1" quotes arround the > 1, however none of these files get changed from the defaults of 0 to 1. huh? the /proc entries are there but they can't be changed? in other words, the following happens? $ echo /proc/sys/net/ipv4/ip_forward 0 $ echo 1 /proc/sys/net/ipv4/ip_forward $ echo /proc/sys/net/ipv4/ip_forward 0 is that what you're saying? that's odd. maybe that's possible when the kernel is configured with /proc filesystems support but not sysctl support. i don't think it's likely. i'd expect the sysctl entries in the /proc filesystem not to exist under those conditions. but check it anyway. if that's not what you're saying, maybe the script just isn't getting run. when you do: ipchains -Lnv what happens? can you see the masquerading rules? does everything look ok? if not, make sure that the rc.firewall script is actually getting executed by something (probably rc.local) at bootup. if it does look ok, what packets happen when you try to forward packets through the masquerading host. what does tcpdump on both interfaces tell you? what does windump on the win98 host tell you? > Should I manually go in and change the files, or is there some other > modification I need to do to my rc.firewall file, which I am not aware of. > All I did to the rc.firewall file was to make it executable and modified > the /etc/rc.d/rc.local file. Should I modify these files by hand? > > The win host does have as its default gateway the linux server > (192.168.0.1). > > Thanks, > > Francisco > > On Tue, 24 Apr 2001, raf wrote: > > > /* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! > > /* ALSO: Don't quote this header. It makes you look lame :-) */ > > > > > > Francisco X. Soria wrote: > > > > > Hi! > > > > > > I stuck on the last set of tests for ip masq. I have a RH 6.2 server masquing > > > for a win 98 pc. I followed all the how to steps, and from the server, I can > > > ping both the static eth0 (192.168.0.1) and the DHCP eth1 (66.24.1.248) > > > interfaces, and to the win 98 pc (192.168.0.2). From the win 98 pc I can ping > > > its own ip, and both the eth0 and eth1 interfaces of the server, however I can > > > not ping external ip addresses from the internet from the win pc. I can > > > however ping external ip addresses from he linux server. > > > > > > I enabled networking + FORWARD_IPV4 in the network file and configured the > > > rc.d document as specified in the HOWTO. The windows 98 client has linux > > > server (192.168.0.1) set up as its primary gateway and has its Domain defined > > > as twcny.rr.com with appropriate DNS servers. > > > > > > I have read through the HOWTO and through the mailings but could not find an > > > answer. I suspect it may have something to do with what I did with the rc.d > > > file. I made the file executable and added the following to the > > > /etc/rc.d/rc.local file: echo "Loading the rc.firewall ruleset.." > > > /etc/rc.d/rc.firewall > > > > > > I rebooted the machine but I noticed the /proc/sys/net/ipv4/ip_always_defrag > > > file that was supposed to be modified by the script was not modified to show a > > > 1 instead of a 0, not even after reboot. Since I am a novice, I am not sure > > > if there is anything else I have to do to the file or if this is even the > > > problem. If you have any sugestions or could point me to some additional > > > readings, I would greatly appreciate it. Thanks in advance! > > > > > > my system info can be viewed at: http://www.ithaca.edu/soria/system.html > > > > > > Best Regards, > > > > > > Francisco Soria > > > > what are the contents of /proc/sys/net/ipv4/ip_forward? > > it should be 1, not 0. this behaviour sounds like it's 0. > > although setting FORWARD_IPV4 should make it 1. > > > > raf > > > > _______________________________________________ > > Masq maillist - [EMAIL PROTECTED] > > Admin requests can be handled at http://www.indyramp.com/masq-list/ -- > > THIS INCLUDES UNSUBSCRIBING! > > or email to [EMAIL PROTECTED] > > > > PLEASE read the HOWTO and search the archives before posting. > > You can start your search at http://www.indyramp.com/masq/ > > Please keep general linux/unix/pc/internet questions off the list. _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
