-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Thanks for the hint. I run tcpdump -i eth(outside) src internal-
machine-ip, and ping external ip address of gateway, tcpdump
capture nothing. but if I ping other external ip address, tcpdump
capture icmp echo packages. So what's the possible problem here?
Also, if I run tcpdump -i eth(inside) ip proto \\icmp, and ping
from internal machine to internal ip, external ip of gateway,
tcpdump capture both packages. If I ping other external ip address,
tcpdump capture the icmp echo from internal machine to external
machine, but no reply.
Actually I'm trying to do some Masquerade things, but whatever
sample scripts I tried, I always could not ping outside net from
internal net. So I decide to do the simplest at first - no masquerade,
but gateway. However, it still does not work. :-((((
Thanks,
Jimmy
On Mon, 27 Aug 2001, Peter Jay Salzman wrote:
> jimmy,
>
> you can get some clues about where the packets are going.
>
> 1. from your 'gateway' type: tcpdump -i eth(outside)
> 2. from your internal machine, type ping (outside whatever)
>
> see if the ping packets are leaving your livingroom network. also, try:
>
> 1. from your 'gateway' type: tcpdump -i eth(inside)
> 2. from your internal machine, type ping (outside whatever)
>
> see if the gateway is receiving packets from the local machine. also, try:
>
> 1. from infernal machine, type: tcpdump -i eth0
> 2. from infernal machine, type: ping (outside whatever)
>
> now you should know exactly where packets are going and where they're not
> going.
>
> i've never played with iptables before; i still use ipchains. actually, i'm
> waiting for jeff to teach me iptables. ;)
>
> also, is this gateway simply providing masquerading or is it actually
> filtering?
>
> pete
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (IRIX)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAjuKzB4ACgkQZ1kuLJJ1tnLe8gCdHrqG4hhki5aTGwvT5G1AGsZ+
GzwAnRopUOQG6o3wUWtDAx6zx16lZ9ic
=ESrv
-----END PGP SIGNATURE-----
