I have an outside WAN connection on the /29 subnet on eth1 of my Endian Linux router (for the most part, an iptables-based router) and an internal connection on the /24 subnet on eth0 of the router. I set up an SNAT masquerade and I can successfully access the internet on computers on my internal /24 network.
I am relatively well versed in firewalls and NAT so I proceeded to set up a DNAT in order to forward packets from the external interface to my internal web server on port 80. I also set up a firewall rule to allow the movement of TCP packets on port 80 into the internal network.
Unfortunately, I cannot seem to connect to the web server through the external IP. I monitored the TCP packets through the Endian interface and also lsof and found that the TCP packets were being destroyed in the SYN_SENT state, whereas they never received a TCP "handshake" (SYN/ACK) from the internal web server in order to begin TCP transmission. For the life of me, I cannot figure out why this is happening.
Some additional notes: the router feeds into the /24 network through a Cisco Catalyst switch. I currently have a Draytek "dumb" router fully functioning, including NAT, firewall and IPSec VPN. This router has no trouble forwarding packets to the web server and is currently in production. Also, I tested this same appliance with a Vyatta Linux firewall and received the same SYN_SENT packet problem, so I don't believe it is a firewall configuration problem.
Feel free to ask if you need any additional information.
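
The symptom described in the post (a forwarded SYN that never gets a SYN/ACK) can be picked out of the router's connection-tracking table. This is an added example, not part of the original post: it assumes the router exposes the table in the `/proc/net/nf_conntrack` text layout, and the sample entries, addresses and function names are constructed for illustration.

```python
import re

# Constructed sample in the /proc/net/nf_conntrack layout. All addresses are
# placeholders, not values from the post.
SAMPLE = """\
ipv4     2 tcp      6 118 SYN_SENT src=198.51.100.7 dst=203.0.113.2 sport=50514 dport=80 [UNREPLIED] src=192.168.1.10 dst=198.51.100.7 sport=80 dport=50514 mark=0 use=2
ipv4     2 tcp      6 431990 ESTABLISHED src=192.168.1.25 dst=198.51.100.9 sport=40112 dport=443 src=198.51.100.9 dst=203.0.113.2 sport=443 dport=40112 [ASSURED] mark=0 use=2
ipv4     2 tcp      6 115 SYN_SENT src=198.51.100.8 dst=203.0.113.2 sport=50999 dport=22 [UNREPLIED] src=203.0.113.2 dst=198.51.100.8 sport=22 dport=50999 mark=0 use=2
"""

PAIR = re.compile(r"(src|dst|sport|dport)=(\S+)")


def parse_entry(line):
    """Split one TCP conntrack line into its original and reply tuples."""
    fields = line.split()
    if len(fields) < 6 or fields[2] != "tcp":
        return None
    pairs = PAIR.findall(line)
    if len(pairs) < 8:
        return None
    return {
        "state": fields[5],
        "unreplied": "[UNREPLIED]" in fields,
        "orig": dict(pairs[:4]),    # tuple as the packet arrived
        "reply": dict(pairs[4:8]),  # tuple the router expects the answer on
    }


def stalled_dnat(text):
    """Return DNATed flows whose SYN was forwarded but never answered."""
    hits = []
    for line in text.splitlines():
        entry = parse_entry(line)
        if entry is None:
            continue
        orig, reply = entry["orig"], entry["reply"]
        # DNAT rewrote the destination when the expected reply source
        # differs from the address the client originally targeted.
        translated = orig["dst"] != reply["src"]
        if entry["state"] == "SYN_SENT" and entry["unreplied"] and translated:
            hits.append((orig["src"], orig["dst"], int(orig["dport"]), reply["src"]))
    return hits


if __name__ == "__main__":
    for client, public, port, server in stalled_dnat(SAMPLE):
        print(f"{client} -> {public}:{port} translated to {server}, no reply seen")
```

An entry reported here means the DNAT rule matched and the SYN was translated, but this router saw no packet in the reply direction for that flow.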