Dear all,
I'm fairly new to IP masquerading, but have about 2 years linux experience
and a reasonable knowledge of networks. I have what is (hopefully!) a
simple question.
Its a relatively simple configuration:
Linux box with PPP connection to ISP (where I always have the same IP
address), and an ethernet card in the linux box.
The ethernet interface has the following config:
eth0 Link encap:Ethernet HWaddr 00:10:4B:B3:31:82
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
The Linux box also runs dhcpd & Samba. My routing table (with the PPP
link down) looks like:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
255.255.255.255 0.0.0.0 255.255.255.255 UH 0 0 0
eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 1
eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 1 lo
My rc.local file has:
# Setup Firewalling / IP-Masquerading options
# Set default forwarding policy to deny
/sbin/ipfwadm -F -p deny
# Masquerade addresses on local subnet
/sbin/ipfwadm -F -a m -S 192.168.1.0/24 -D 0.0.0.0/0
The problem I have is that although masquerading works fine with the PPP
link up (I can ftp, browse the web, etc from machines on the masqueraded
net) - with the link down I want the linux box to send out ICMP
unreachable messages to the other hosts for IP requests which are not on
the local subnet.
In other words, if the PPP link is down, I want the masqueraded machines
to be told "destination unreachable", nut It doesn't seem to do this -
they just hang (& timeout).
Anyone know of a way of enabling this?
Cheers,
Marc
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]
