LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 02-20-2003, 11:10 AM   #1
poulaum
LQ Newbie
 
Registered: Feb 2003
Posts: 7

Rep: Reputation: 0
Question lan client starts then stops via RH8 router


arrgghh - it's driving me nuts now.

I've set up RedHat 8 Linux, got the DSL connection working on eth0 and my Lan on eth1 to a laptop with XP. On my RH8 box, this works fine, but it's the laptop that exhits strange behaviour. It runs Messenger through the iptables no problem and Messenger will bring up a window to look at Hotmail etc, but if browse any other site or try to download my email then it starts and downloads a bit (like <1k) and then stops!

I've tried turning off the RH firewall (and the laptop one too), farting around with the iptable forwarding, but am not now convinced the problem is there...

I thought it was a DNS problem on the laptop, but it finds the sites ok :-(

Ideas?

Marc.
 
Old 02-20-2003, 01:52 PM   #2
Mara
Moderator
 
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,539

Rep: Reputation: 149Reputation: 149
Hard to say without seeing your firewalling script, but I suppose you block too much.
 
Old 02-20-2003, 02:59 PM   #3
poulaum
LQ Newbie
 
Registered: Feb 2003
Posts: 7

Original Poster
Rep: Reputation: 0
Maru,

Well, I've tried the minimalist approach too. iptables -L currently shows:

Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Lokkit-0-50-INPUT all -- anywhere anywhere

Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- 10.0.0.0/24 anywhere
ACCEPT all -- anywhere 10.0.0.0/24
DROP all -- !10.0.0.0/24 anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain RH-Lokkit-0-50-INPUT (1 references)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp spt:domain dpts:1025:65535
ACCEPT udp -- cache2.cableol.net anywhere udp spt:domain dpts:1025:65535
ACCEPT udp -- cache1.ntli.net anywhere udp spt:domain dpts:1025:65535
ACCEPT tcp -- anywhere anywhere tcp dpt:http flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh flags:SYN,RST,ACK/SYN
ACCEPT tcp -- anywhere anywhere tcp dpt:telnet flags:SYN,RST,ACK/SYN
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
REJECT tcp -- anywhere anywhere tcp dpts:0:1023 flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere tcp dpt:nfs flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere udp dpts:0:1023 reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere udp dpt:nfs reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere tcp dpts:x11:6009 flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere tcp dpt:xfs flags:SYN,RST,ACK/SYN reject-with icmp-port-unreachable

Also, strangely my XP client looks to be only allowing me to look at Microsoft sites, like I can get through to www.microsoft.com and www.hotmail.com, but not my home page www.i-solve.co.uk.

What's the easiest way to turn off all blocking but still do the maquerading for the lan to internet?

Thanks,

Marc.
 
Old 02-21-2003, 04:19 PM   #4
Mara
Moderator
 
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,539

Rep: Reputation: 149Reputation: 149
Something like
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
iptables -A FORWARD -i eth0 -j ACCEPT
(but look if the interfaces are OK).
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Mouse pointer starts/stops programs and windows by itself, new install of Fidora 4. cwforscht Linux - Software 2 11-18-2005 12:03 PM
Mysql starts and suddendly stops braungiobi Linux - Software 4 03-13-2005 10:27 AM
Postfix stops as soon as it starts jonlake Fedora 3 06-19-2004 11:04 AM
Routing LAN -> WAN -> LAN with unhelpful router synx13 Linux - Networking 2 06-14-2004 03:35 PM
LAN interface on Gateway stops being able to send info to LAN intermittantly. BurnFEST Debian 2 11-01-2003 04:16 AM


All times are GMT -5. The time now is 07:25 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration