RE: forwarding (continued)

[George Vieira]

sure your haven natted icmp too?? or just tcp?? thanks, George Vieira Systems Manager Citadel Computer Systems P/L http://www.citadelcomputer.com.au -----Original Message----- From: Tim [mailto:[EMAIL PROTECTED]] Sent: Monday, 08 July 2002 2:54 PM To: iptables-list Subject: Re: forwarding (continued) Antony,   INTERNAL IP = 192.168.1.0/24  -- range 1 thru 11 DMZ IP = 172.16.1.0/24 -- range 1 thru 5   The reason I believe I know it is not forwarding....is that when I ping from the DMZ I get a "request time out", although come to think of it, it is actually giving me a response, its just not necessarily the response I want.   Well in any case I issue the command iptables -L -n -v and it reports that packets did get to the forwarding rule it just looks like I got a "request time out" response. So, (having some enlightenment), do I need to specify a rule for icmp types here?   On the files attached I use ping from a box on the DMZ to ping an INTERNAL box I ran the command "iptables -L -n -v -x and iptables -L -n -v -x -t nat" and the results are in the files Lvnx and Lvnxtnat text files.   I then used ping from a box from an INTERNAL box to ping a DMZ box and ran the same commands as mentioned and the results are in the Lvnx2 and Lvnxtnat2 text file. The other files are obvious.   It really goes back to the sig, routing, routing and routing......I just can't seem to put my finger on it. Thanks for the assist, I appreciate the time and patience.   Tim Rodriguez Network Security Student -- To me, being a student means that misconceptions and errors are a way of learning. Frustration means that I'm learning. Perseverance is of the utmost if one wants to learn. Having someone to turn to ask for clarification is invaluable.   Thank you. --