LinuxQuestions.org
Old 02-06-2004, 07:08 PM   #1
dc78
LQ Newbie
 
Registered: Jan 2004
Posts: 5

Rep: Reputation: 0
Unable to ping internet through RH7.3 box w/ 2nics


OK here is the problem.

I have a RH7.3 Box with 2 nics

ETH0 is connected to the internet IP uses DHCP

ETH1 has a static IP of 192.168.5.100 which runs dns and dhcp to an internal network.

I have an XP box on the network which can not ping a linksys router with an IP of 192.168.1.1

I can ping Eth0 (192.168.5.100) and ETH1 (192.168.1.101) from the XP box but not the internet or linksys router.

If I try TCP dump the ping gets to ETH1 but never ETH0. I can ping 192.168.1.1 and the internet for the linux box (via eth0) but not eth1.

Suggestions?




I have IP forwarding turned on and here is my firewall:

#!/bin/sh


#### FLUSH TABLES ####
iptables -F INPUT
iptables -F OUTPUT
iptables -F FORWARD
iptables -t nat -F

#### POLICY SETTINGS ####
#iptables -P INPUT DROP # Drop all incoming packets
iptables -P FORWARD DROP # Drop all forwarded packets
iptables -P OUTPUT ACCEPT # Accept all outgoing packets

#### INPUT ####
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -s 192.168.5.0/24 -j ACCEPT

#### FORWARDING ####
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -d 192.168.5.0/24 -j ACCEPT

#### NATing ####
iptables -A POSTROUTING -t nat -o eth1 -j MASQUERADE


#iptables -P INPUT ACCEPT
#iptables -P OUTPUT ACCEPT
#iptables -P FORWARD ACCEPT
#iptables -t nat - A POSTROUTING -0 eth1 -j MASQUERADE


Here is the output of route

dest          gw            netmask         flags  metric  ref  use  iface
192.168.5.0   *             255.255.255.0   U      0       0    0    eth1
192.168.1.0   *             255.255.255.0   U      0       0    0    eth0
127.0.0.0     *             255.0.0.0       U      0       0    0    lo
default       192.168.1.1   0.0.0.0         UG     0       0    0    eth0
 
Old 02-07-2004, 05:51 AM   #2
ugge
Senior Member
 
Registered: Dec 2000
Location: Gothenburg, SWEDEN
Distribution: OpenSUSE 10.3
Posts: 1,028

Rep: Reputation: 45
I think your Masquerade is misconfigured.
You want all traffic outbound for the internet to be Masqueraded, but now you have told it to Masquerade all connections exiting on the eth1 interface. Change it to:
iptables -A POSTROUTING -t nat -o eth0 -j MASQUERADE
 
Old 02-07-2004, 07:25 PM   #3
dc78
LQ Newbie
 
Registered: Jan 2004
Posts: 5

Original Poster
Rep: Reputation: 0
I tried with this line "iptables -A POSTROUTING -t nat -o eth0 -j MASQUERADE" and still no luck.

If I try traceroute 192.168.1.1 -i eth1 it tries 30 times with no luck.

Any other suggestions?

Here are my ifcfg for eth1 and eth0.

eth0:
DEVICE='eth0'
BOOTPROTO='dhcp'
ONBOOT='yes'
TYPE='Ethernet'
USERCTL='no'
NETWORK='192.168.0.0'
BROADCAST='192.168.0.255'
GATEWAY='192.168.1.1'

eth1:
DEVICE='eth1'
ONBOOT='yes'
IPADDR='192.168.5.100'
GATEWAY='192.168.1.1'
TYPE='Ethernet'
USERCTL='no'
NETMASK='255.255.255.0'
BOOTPROTO='none'
NETWORK='192.168.5.0'
BROADCAST='192.168.5.255'
 
Old 02-07-2004, 07:56 PM   #4
dc78
LQ Newbie
 
Registered: Jan 2004
Posts: 5

Original Poster
Rep: Reputation: 0
I got it working.

The line:

iptables -P FORWARD DROP # Drop all forwarded packets

blocked the ping.

It works now. Thanks for the help.
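
Added example, not part of the thread or any poster's code: a small lint that runs over the rules from post #1 and over a variant that keeps the default-deny FORWARD policy while adding an explicit ACCEPT for LAN-originated traffic, with NAT on the WAN side as post #2 suggests. It assumes eth0 is the WAN interface and eth1 serves 192.168.5.0/24, as described in the thread; the function names are hypothetical.

```sh
#!/bin/sh
# Assumed from the thread: eth0 = WAN (towards 192.168.1.1), eth1 = LAN.
WAN_IF=eth0; LAN_IF=eth1; LAN_NET=192.168.5.0/24

# Active rules from post #1 (flushes and commented-out lines omitted).
original_rules() {
cat <<'EOF'
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -s 192.168.5.0/24 -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -d 192.168.5.0/24 -j ACCEPT
iptables -A POSTROUTING -t nat -o eth1 -j MASQUERADE
EOF
}

# Forwarding/NAT part only. Replies to the LAN are covered by ESTABLISHED,RELATED.
fixed_rules() {
cat <<EOF
iptables -P FORWARD DROP
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $LAN_IF -o $WAN_IF -s $LAN_NET -j ACCEPT
iptables -t nat -A POSTROUTING -o $WAN_IF -s $LAN_NET -j MASQUERADE
EOF
}

# lint_rules: read iptables commands on stdin, print one finding per line.
lint_rules() {
    rules=$(cat)
    if printf '%s\n' "$rules" | grep -q -- '-P FORWARD DROP'; then
        printf '%s\n' "$rules" | grep -- '-A FORWARD' | grep -- '-j ACCEPT' |
            grep -q -e "-s $LAN_NET" -e "-i $LAN_IF" ||
            echo "FORWARD: policy DROP and no ACCEPT for new traffic from $LAN_NET"
    fi
    printf '%s\n' "$rules" | grep -- 'MASQUERADE' | grep -q -- "-o $WAN_IF" ||
        echo "NAT: no MASQUERADE on $WAN_IF; LAN source addresses leave untranslated"
    return 0
}

echo "original:"; original_rules | lint_rules
echo "fixed:";    fixed_rules | lint_rules
```

The lint only reads text, so it can be run without root; applying the fixed rules is a separate step.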
 