/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! /* ALSO: Don't quote this header. It makes you look lame :-) */ Hi, I read the IP-Masq HOWTO Beta 2 with kernel 2.4.x support from the official website. I followed everything from compiling the kernel to the Too many errors encountered; the rest of the message is ignored: rc.firewall file. My internal network is all working. We can ping each other. I can even ping from the masq-ed machine to 65.184.144.40 (external IP Ethernet - eth0 IP #). The external connection is also fine. I can ping outside from the masq machine. However, I cannot ping external internet from the masq-ed machine (e.g. ping 152.19.254.81 from 192.168.0.10). Here's my setting: eth0: external (DSL with DCHP), IP: 65.184.144.41 (static) eth1: internal network (192.168.0.0), IP: 192.168.0.1 rc.firewall: simple ruleset from your site, no modification except for IPTABLES (changed to the right location). Distribution: Slackware Kernel: 2.4.5 iptables v1.2.2 $IPTABLES -P FORWARD DROP $IPTABLES -t nat -A POSTROUTING -o eth0 -j MASQUERADE Here's more info: #netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 65.187.144.51 0.0.0.0 255.255.255.252 UH 40 0 0 eth0 192.168.0.1 0.0.0.0 255.255.255.0 UH 40 0 0 eth1 65.187.144.50 0.0.0.0 255.255.255.252 U 40 0 0 eth0 192.168.0.0 0.0.0.0 255.255.255.0 U 40 0 0 eth1 127.0.0.0 0.0.0.0 255.0.0.0 U 40 0 0 lo 0.0.0.0 65.187.144.52 0.0.0.0 UG 40 0 0 eth0 #netstat -M netstat: no support for `ip_masquerade' on this system. I did not get any error when I ran the iptables commands. I also check with the ISP if it's OK to do masquerading. Could it be ICMP? I read the manual and it says that I should turn on ICMP masquerading on... How can I do that? (I'm a newbie). Could anyone help me figure this thing out? I've been trying for 2 days but I haven't gotten anywhere. I really appreciate your attention and help. Regards, Handoko __________________________________________________ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
