Re: [vox-tech] Linux as gateway

Mon, 27 Aug 2001 13:58:59 -0700 

jimmy,

you can get some clues about where the packets are going.

1. from your 'gateway' type: tcpdump -i eth(outside)
2. from your internal machine, type ping (outside whatever)

see if the ping packets are leaving your livingroom network.  also, try:

1. from your 'gateway' type: tcpdump -i eth(inside)
2. from your internal machine, type ping (outside whatever)

see if the gateway is receiving packets from the local machine.  also, try:

1. from infernal machine, type:  tcpdump -i eth0
2. from infernal machine, type:  ping (outside whatever)

now you should know exactly where packets are going and where they're not
going.

i've never played with iptables before; i still use ipchains.  actually, i'm
waiting for jeff to teach me iptables.  ;)

also, is this gateway simply providing masquerading or is it actually
filtering?

pete


begin: Terminator <[EMAIL PROTECTED]> quote
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> hi,
> 
> I'm trying to let a Redhat 7.1 act as a gateway, following steps are
> what I did on the gateway machine:
> 1. echo 1 > /proc/sys/net/ipv4/ip_forward
> 2. ensure iptables's all default policies to be ACCEPT, such as FORWARD,
> INPUT, OUTPUT, POSTROUTING...
> 
> Then in the internal machines, I set the default gateway to be the
> internal ip address of the gateway.
> 
> >From the internal machines, I can ping the internal ip address of the
> gateway, and the external ip address of the gateway. But when I tried
> to ping some other external ip address, it always failed without any
> response.
> 
> Anybody can figure out if I did something wrong? Thanks a lot!
> 
> Jimmy
> ____________________________________________________________
> Jingmin (Jimmy) Zhou
> E-mail : [EMAIL PROTECTED]         ICQ : 19587415
> 
> The future is not set.  There is no fate but what we make
> for ourselves.             - Terminator II, Judgement Day
> ____________________________________________________________
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.6 (GNU/Linux)
> Comment: For info see http://www.gnupg.org
> 
> iEYEARECAAYFAjuKsUwACgkQZ1kuLJJ1tnLyUQCghcPiBKx8jFhJCE2zpA7uT9mm
> 5nEAn3TkgUmuCcE4hwyWyvIvS/YhXr8S
> =SAO2
> -----END PGP SIGNATURE-----
> 

-- 
"The following addresses had permanent fatal errors..."      [EMAIL PROTECTED]
                               -- Mailer Daemon              www.dirac.org/p

Reply via email to