LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-02-2005, 08:10 PM   #1
danfiggolfer
LQ Newbie
 
Registered: Jan 2005
Posts: 4

Rep: Reputation: 0
Question Firewall Gateway Setup Problem


I've setup a LINUX PC running SUSE 9.2 that has one leg in the Internet and the other on a 192.168.0.0 Intranet (home network). I have my a laptop also running the same OS as the gateway PC, which is connected directly to the 192.168.0.1 NIC via a crossover cable.

I can ping the 192.168.0.1 interface just fine. Could someone tell me please, why can I not ping the 64.x.x.x NIC that's going to my DSL modem and out to the Internet?

When I run tcpdump to show a ping action to my Intranet NIC via the laptop:
15:53:22.862725 IP fignux.site > 192.168.0.40: icmp 64: echo reply seq 2
15:53:23.862664 IP 192.168.0.40 > fignux.site: icmp 64: echo request seq 3
Versus the same way to the other NIC on the gateway going to the Internet:
15:53:42.017753 IP 192.168.0.40 > adsl-64-1xx-xx-1.dsl.pacbell.net: icmp64: echo request seq 2
I will not receive the echo reply sequence.

My routing on the gateway machine:
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
64.1xx.xx.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 64.1xx.xx.1 0.0.0.0 UG 0 0 0 eth1
My routing on my laptop client connected via crossover cable to the gateway machine:
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0

On the SuSEFirewall2 I have:
FW_ROUTE = yes
FW_MASQUERADE=yes

Everything else is set to the default in /etc/sysconfig Editor.
Once I can ping the external card, then I know I can get the clients attached to the
Gateway Firewall box to the Internet.

Thanks in advance,
danfiggolfer
 
Old 01-02-2005, 10:05 PM   #2
danfiggolfer
LQ Newbie
 
Registered: Jan 2005
Posts: 4

Original Poster
Rep: Reputation: 0
I found out when following this web doc: http://portal.suse.de/sdb/en/2002/07/masq80.html
that I only get a ping response if I ping directly to my host -
and get no response if I do the broadcast ping:


If the network card tests have been successful, proceed now to test if the clients can be reached from the gateway. Use the command ping for this purpose. At least some clients should react to the command ping -c 3 -b 192.168.0.255. The output should be similar to:


WARNING: pinging broadcast address
PING 192.168.0.255 (192.168.0.255) from 192.168.0.1 : 56(84) bytes of data.
64 bytes from 192.168.0.1: icmp_seq=1 ttl=255 time=0.774 ms
64 bytes from 192.168.0.2: icmp_seq=1 ttl=64 time=1.19 ms (DUP!)
64 bytes from 192.168.0.3: icmp_seq=1 ttl=255 time=1.30 ms (DUP!)
64 bytes from 192.168.0.4: icmp_seq=1 ttl=64 time=1.57 ms (DUP!)

--- 192.168.0.255 ping statistics ---
2 packets transmitted, 2 received, +3 duplicates, 0% loss, time 1010ms
rtt min/avg/max/mdev = 0.325/1.033/1.573/0.438 ms


In this example, the machines with the IP addresses 192.168.0.1 (gateway) and 192.168.0.2 to 192.168.0.4 (clients) have replied. If you know the IP address of a client, ping it directly to test the connection.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Mandrake as gateway/firewall -Problem bringing up two NIC zhex900 Linux - Networking 6 06-01-2005 09:24 PM
Mandrake 10, gateway/firewall setup HOWTO zhex900 Linux - Networking 1 12-23-2004 09:47 AM
Setup linux gateway + firewall (redhat 9.0) mirt Linux - Networking 4 04-27-2004 02:46 AM
help with client side NFS-firewall setup and server side NIS-firewall setup niverson Linux - Networking 3 02-02-2004 09:52 AM
Linux gateway/firewall problem dal-san Linux - Networking 3 10-31-2003 04:53 AM


All times are GMT -5. The time now is 10:57 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration