> -----Original Message-----
> From: Tanner, Robby [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, January 24, 2001 1:49 PM
> To: 'Linux (LOSURS Q&A)'; '[EMAIL PROTECTED]'; 'Linux Group
> (Saskatoon)'
> Cc: 'Andrew Allsopp'; '[EMAIL PROTECTED]'
> Subject: More Firewall Problems
>
>
> To recap:
> I have a P-75 with RH6.0 running IPCHAINS and SQUID.
> I am trying to get some simple routing up.
>
> The adapters are configured as follows:
>
> (Internet) External Card: 24.68.176.193 (gateway 24.68.176.1)
> (LAN) Internal Card: 204.112.40.3
>
> I have an NT workstation with it's default gateway set to
> 204.112.40.3.
>
> >From the firewall I can ping the LAN and anything on the web.
> >From the workstation I can ping both adapters of the
> firewall (should I be
> able to???).
>
> I have ip fowarding turned off and my routing table is:
>
> Destination Gateway Genmask Flags Metric
> Ref Use
> Iface
> 24.68.176.193 * 255.255.255.255 UH 0
> 0 0 eth0
> 204.112.40.3 * 255.255.255.255 UH 0
> 0 0 eth1
> 204.112.40.0 * 255.255.255.0 U 0
> 0 0 eth1
> 24.68.176.0 * 255.255.255.0 U 0
> 0 0 eth0
> 127.0.0.0 * 255.0.0.0 U 0
> 0 0 lo
> default 24.68.176.1 0.0.0.0 UG 1
> 0 0 eth0
>
>
> My ipchains is (so far) configured as:
>
> Chain input (policy ACCEPT):
> Chain forward (policy ACCEPT):
> Chain output (policy ACCEPT):
>
> I am unable, however, to ping the default gateway for the
> external card
> (24.68.176.1) or reach any part of the internet from any
> computer other than
> the firewall.
If you turn off ip forwarding, you won't be able use IP masquerading. Your
firewall is simply dropping all these packets it is receiving, since they
aren't addressed to one of 127.0.0.0/24.68.176.193/204.112.40.3
John
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
