LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 02-23-2002, 01:25 PM   #1
tungro
LQ Newbie
 
Registered: Feb 2002
Location: Scotland
Distribution: Mandrake 8.1
Posts: 7

Rep: Reputation: 0
Linux refuses to send packets via Internet


Hello!

I've been experiencing some problems - well, one really. I have my Linux box set up as a masquerading gateway to the Internet. I have a network 192.168.0.0 on eth0. The box's IP is 192.168.0.1 and is statically assigned. The Internet is accessed using a modem, whose IP address is dynamically assigned by the ISP.

I have a basic firewall set up using iptables.

Everything has been set up using MCC and using various HOWTOs. However, the Internet doesn't work. It connects all right, but then doesn't do anything. In the details of kppp, it says that only four packets have been sent and received. This number does not change. I guess those packets are the user name and password authentication to my ISP.

There's probably one setting eluding me, and I can't find it. Any ideas?

Oh, almost forgot. I'm running Mandrake 8.1.

Oh, also almost forgot that the network seems to be running ok - pinging works. Pinging the local IP address (modem) from the Linux box seems ok, and also from another comp on the network. I can only ping the ISP server address from the Linux box (only works some of the time) but I can't from any other comp on the network. I can't ping any other IP address on the Internet from any computer.

If you need any more info, tell me, and I'll provide it.

Thanks in advance!
 
Old 02-24-2002, 05:28 AM   #2
Mara
Moderator
 
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,571

Rep: Reputation: 171Reputation: 171
Hi,
It looks there is something wrong with your firewall. Could you send results of iptables -L ?

Mara
 
Old 02-24-2002, 06:06 AM   #3
tungro
LQ Newbie
 
Registered: Feb 2002
Location: Scotland
Distribution: Mandrake 8.1
Posts: 7

Original Poster
Rep: Reputation: 0
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination


And another note - my firewall is the file http://www.ecst.csuchico.edu/~dranch...c.firewall-2.4 and it is loaded at startup (it takes ages to check all the kernel modiles!)

Thanks for the quick response!

Tungro
 
Old 02-24-2002, 07:12 AM   #4
Mara
Moderator
 
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,571

Rep: Reputation: 171Reputation: 171
Hi,
This script masquerades from one ethernet card to another. Is it what you want? If not chabge value of EXTIF (it'sthe interface your packets are sent to).

Mara
 
Old 02-24-2002, 07:17 AM   #5
tungro
LQ Newbie
 
Registered: Feb 2002
Location: Scotland
Distribution: Mandrake 8.1
Posts: 7

Original Poster
Rep: Reputation: 0
Whoops, sorry, I forgot to mention I made two changes to that script. I changed EXTIF to ppp0 and INTIF to eth0. Another change was that I changed the location of iptables to /sbin/iptables because that's where it exists.

Tungro
 
Old 02-24-2002, 08:39 AM   #6
Mara
Moderator
 
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,571

Rep: Reputation: 171Reputation: 171

Hi,
Your machine is not masqerading. That's why I was asking. But now maybe try
iptables -t nat -A POSTROUTING -o ppp0 -j MASQERADE
from console. There might be a problem, because I think firewall is started before interface ppp0. Maybe try also change ppp0 to ppp+. It was good for ipchains (previous version in kernels 2.2.x), but I haven't tried it with 2.4.x.

Mara
 
Old 02-24-2002, 04:33 PM   #7
tungro
LQ Newbie
 
Registered: Feb 2002
Location: Scotland
Distribution: Mandrake 8.1
Posts: 7

Original Poster
Rep: Reputation: 0
Hello

No luck with that. I did type that in a console before and after logging in to my ISP, and although it accepted it (is MASQERADE meant to be MASQUERADE? I tried it with a U) doing iptables -L still gave the same as before. And the ping thing - I can ping the ISP computer fine and it sends packets and receives packets all right. But pinging anything else, and it doesn't like it. What I'll do is try to ping some other sites on the Internet, in case the IP address of the site I am testing with is no longer in existence. But I doubt that's true...

Tungro
 
Old 02-25-2002, 01:18 PM   #8
TRBentley
LQ Newbie
 
Registered: May 2001
Location: UK
Distribution: RedHat 8.0
Posts: 14

Rep: Reputation: 0
I have had a similar problem with RH7.2. The the document at the following link http://axion.physics.ubc.ca/ppp-linux.html especally in respect to the section on routes. I found RH had added an extra route entry.
 
Old 02-26-2002, 12:52 PM   #9
tungro
LQ Newbie
 
Registered: Feb 2002
Location: Scotland
Distribution: Mandrake 8.1
Posts: 7

Original Poster
Rep: Reputation: 0
Thumbs up Success!

Hello again

Thank you for the prompt replies - you have all been very helpful. My problem was solved when I deleted the default route - that was what was causing all the problems.

I have just one final niggle. When loading the rc.firewall script, it takes ages checking all the kernel modules. Is there a quicker way to do this, or is this really necessary? I reboot often (unlike most Linux users, I know) so a kind of fast boot is advantageous.

Cheers!

Tungro
 
Old 02-27-2002, 11:19 AM   #10
tungro
LQ Newbie
 
Registered: Feb 2002
Location: Scotland
Distribution: Mandrake 8.1
Posts: 7

Original Poster
Rep: Reputation: 0
Hello

Is it okay to skip checking all the kernel modules in the rc.firewall script? Or, even better, is there a way to do this a lot faster? At the moment, booting up takes an age!

Tungro
 
Old 02-27-2002, 01:23 PM   #11
Mara
Moderator
 
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,571

Rep: Reputation: 171Reputation: 171

If you use a procompiled kernel, it's usually safe not to check. But all neccessary network modules must be loaded!
 
Old 02-27-2002, 02:27 PM   #12
tungro
LQ Newbie
 
Registered: Feb 2002
Location: Scotland
Distribution: Mandrake 8.1
Posts: 7

Original Poster
Rep: Reputation: 0
Thanks! It is a precompiled kernel, so that should be okay.

Cheers!

Tungro
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Send packets manually Ephracis Programming 4 04-02-2005 04:56 AM
unable to send packets cranium2004 Linux - Networking 2 02-05-2005 10:28 PM
FC3 cannot receive any packets from internet, can only send ben_build#2.1.0 Fedora 1 01-15-2005 03:09 PM
How do you send packets in ASM? Qwirt Programming 4 11-13-2004 03:11 PM
recieve and send IP packets! Farhang Linux - Networking 1 07-25-2004 02:47 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 11:58 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration