At 16:19 1/08/2002, Peter Rundle sent this up the stick:
>>Doubt it, it get's it's DNS from the NAT machine. The windows machine
>>works, the linux box doing the NAT doesn't.
>
>your route and iptables listings would really help us help you
>with the debugging.
Like I said, the traceroutes are identical, but here is the route infor and
iptables listing from the machine in question:
Thanks,
Rob
bunbun:~# route -vF
Kernel IP routing table
Destination Gateway Genmask Flags Metric
Ref Use Iface
10.0.0.0 * 255.255.255.0 U
0 0 0 eth1
144.132.152.0 * 255.255.248.0 U 0 0 0 eth0
default CPE-144-132-152 0.0.0.0 UG 0
0 0 eth0
bunbun:~# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ipac_in all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
LOG all -- 127.0.0.0/8 anywhere LOG level warning
DROP all -- 127.0.0.0/8 anywhere
ACCEPT all -- anywhere 255.255.255.255
ACCEPT all -- INSIDE/24 anywhere
ACCEPT !tcp -- anywhere BASE-ADDRESS.MCAST.NET/4
LOG all -- INSIDE/24 anywhere LOG level warning
DROP all -- INSIDE/24 anywhere
ACCEPT all -- anywhere 255.255.255.255
ACCEPT all -- anywhere CPE-144-132-154-148.nsw.bigpond.net.au
ACCEPT all -- anywhere CPE-144-132-159-255.nsw.bigpond.net.au
LOG all -- anywhere anywhere LOG level warning
DROP all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
ipac_in all -- anywhere anywhere
ipac_out all -- anywhere anywhere
ACCEPT all -- INSIDE/24 anywhere
ACCEPT all -- anywhere INSIDE/24
LOG all -- anywhere INSIDE/24 LOG level warning
DROP all -- anywhere INSIDE/24
LOG all -- anywhere anywhere LOG level warning
DROP all -- anywhere anywhere
Chain OUTPUT (policy DROP)
target prot opt source destination
ipac_out all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere 255.255.255.255
ACCEPT all -- anywhere INSIDE/24
ACCEPT !tcp -- anywhere BASE-ADDRESS.MCAST.NET/4
LOG all -- anywhere INSIDE/24 LOG level warning
DROP all -- anywhere INSIDE/24
ACCEPT all -- anywhere 255.255.255.255
ACCEPT all -- CPE-144-132-154-148.nsw.bigpond.net.au anywhere
ACCEPT all -- CPE-144-132-159-255.nsw.bigpond.net.au anywhere
LOG all -- anywhere anywhere LOG level warning
DROP all -- anywhere anywhere
Chain ipac_in (2 references)
target prot opt source destination
all -- anywhere anywhere
tcp -- anywhere anywhere tcp dpt:ftp-data
tcp -- anywhere anywhere tcp dpt:ftp
tcp -- anywhere anywhere tcp dpt:ssh
tcp -- anywhere anywhere tcp dpt:telnet
tcp -- anywhere anywhere tcp dpt:smtp
tcp -- anywhere anywhere tcp dpt:domain
udp -- anywhere anywhere udp dpt:domain
tcp -- anywhere anywhere tcp dpt:www
tcp -- anywhere anywhere tcp dpt:pop3
tcp -- anywhere anywhere tcp
dpts:netbios-ns:netbios-ssn
udp -- anywhere anywhere udp
dpts:netbios-ns:netbios-ssn
tcp -- anywhere anywhere tcp dpt:https
tcp -- anywhere anywhere tcp spt:ftp-data
tcp -- anywhere anywhere tcp spt:ftp
tcp -- anywhere anywhere tcp spt:ssh
tcp -- anywhere anywhere tcp spt:telnet
tcp -- anywhere anywhere tcp spt:smtp
tcp -- anywhere anywhere tcp spt:domain
udp -- anywhere anywhere udp spt:domain
tcp -- anywhere anywhere tcp spt:www
tcp -- anywhere anywhere tcp spt:pop3
tcp -- anywhere anywhere tcp
spts:netbios-ns:netbios-ssn
udp -- anywhere anywhere udp
spts:netbios-ns:netbios-ssn
tcp -- anywhere anywhere tcp spt:https
Chain ipac_out (2 references)
target prot opt source destination
all -- anywhere anywhere
tcp -- anywhere anywhere tcp spt:ftp-data
tcp -- anywhere anywhere tcp spt:ftp
tcp -- anywhere anywhere tcp spt:ssh
tcp -- anywhere anywhere tcp spt:telnet
tcp -- anywhere anywhere tcp spt:smtp
tcp -- anywhere anywhere tcp spt:domain
udp -- anywhere anywhere udp spt:domain
tcp -- anywhere anywhere tcp spt:www
tcp -- anywhere anywhere tcp spt:pop3
tcp -- anywhere anywhere tcp
spts:netbios-ns:netbios-ssn
udp -- anywhere anywhere udp
spts:netbios-ns:netbios-ssn
tcp -- anywhere anywhere tcp spt:https
tcp -- anywhere anywhere tcp dpt:ftp-data
tcp -- anywhere anywhere tcp dpt:ftp
tcp -- anywhere anywhere tcp dpt:ssh
tcp -- anywhere anywhere tcp dpt:telnet
tcp -- anywhere anywhere tcp dpt:smtp
tcp -- anywhere anywhere tcp dpt:domain
udp -- anywhere anywhere udp dpt:domain
tcp -- anywhere anywhere tcp dpt:www
tcp -- anywhere anywhere tcp dpt:pop3
tcp -- anywhere anywhere tcp
dpts:netbios-ns:netbios-ssn
udp -- anywhere anywhere udp
dpts:netbios-ns:netbios-ssn
tcp -- anywhere anywhere tcp dpt:https
--
We don't morally censure you. We just want the money.
This is random quote 1140 of a collection of 1254
[15200.8 km (8207.8 mi), 262.8 deg](Apparent) Rennerian
--
SLUG - Sydney Linux User's Group - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
