Client behind FW cannot get out
der.hans
PLUGd@LuftHans.com
Mon, 19 Jun 2000 21:25:03 -0700 (MST)
Am 09. Jun, 2000 schwäzte foodog@uswest.net so:
> I'm no expert but since nobody else has chimed in... You
> might recheck your script and make sure everything's in
> order; ip forwarding is enabled, masq modules are loaded...
>
> to see if forwarding's on type (as root, I s'pose)
> cat /proc/sys/net/ipv4/ip_forward
> if it doesn't display "1" without the quotes then do:
> echo "1" > /proc/sys/net/ipv4/ip_forward
ip_forward is the part I always forget to check by hand when debugging a
setup :).
RH 6.1 should be kernel 2.2.x ( next time let us know for certain :). If
that's true, then use "ipchains -L -n | less" to look at your
firewall/masq rules.
On the Linux box, pull up sniffit in one window and look for connections.
From the 98 box try several things to the Linux box, e.g. ping,
traceroute, telnet, web, ftp, ssh. Now try those same services against
hosts on the net.
If this isn't getting you anywhere, redo some of your rules with the
"-l" option to log packets into syslogd. Now try stuff specifically
against those rules.
Oh, and get a surge protector and a ups and forget about the storms ;-).
ciao,
der.hans
--
# der.hans@LuftHans.com home.pages.de/~lufthans/ www.Opnix.com
# Motorraeder toeten nicht. Motorraeder werden getoetet.