LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 07-11-2004, 05:17 PM   #1
Singing Banzo
LQ Newbie
 
Registered: Jul 2004
Posts: 20

Rep: Reputation: 0
MDK 10 - Sharing Internet connection - cannot even ping


Hi people, another newbie. My first post here, after reading a lot of previous answers, close to my problem, but not useful to solve it. I read some mini how-tos also.

I installed Mandrake 10 ("higher" security scheme) and the first thing I need to do is to share my ADSL internet connection. Two nics, both working fine, internet connection up, so I simply went to Mandrakelinux Control Center -> Network & Internet -> Internet connection sharing, answer the couple of questions, and I though I was done, but... nope, I can't even make a ping:

Code:
[root@localhost bin]# ping 192.168.1.2
PING 192.168.1.2 (192.168.1.2) 56(84) bytes of data.
From 192.168.1.1 icmp_seq=1 Destination Host Unreachable
From 192.168.1.1 icmp_seq=1 Destination Host Unreachable
From 192.168.1.1 icmp_seq=1 Destination Host Unreachable
From 192.168.1.1 icmp_seq=1 Destination Host Unreachable
From 192.168.1.1 icmp_seq=1 Destination Host Unreachable
From 192.168.1.1 icmp_seq=1 Destination Host Unreachable
ping: sendmsg: Operation not permitted
From 192.168.1.1 icmp_seq=2 Destination Host Unreachable
ping: sendmsg: Operation not permitted
From 192.168.1.1 icmp_seq=3 Destination Host Unreachable
ping: sendmsg: Operation not permitted
From 192.168.1.1 icmp_seq=4 Destination Host Unreachable
ping: sendmsg: Operation not permitted
From 192.168.1.1 icmp_seq=5 Destination Host Unreachable
ping: sendmsg: Operation not permitted
From 192.168.1.1 icmp_seq=6 Destination Host Unreachable
ping: sendmsg: Operation not permitted

--- 192.168.1.2 ping statistics ---
6 packets transmitted, 0 received, +11 errors, 100% packet loss, time 5064ms
What's wrong?

Here the details:
Linux Box:
Code:
[root@localhost bin]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0A:E6:B0:A1:C8
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::20a:e6ff:feb0:a1c8/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:12 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1560 (1.5 Kb)  TX bytes:476 (476.0 b)
          Interrupt:11 Base address:0xd000

eth1      Link encap:Ethernet  HWaddr 00:08:54:11:B1:E6
          inet6 addr: fe80::208:54ff:fe11:b1e6/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2342 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2565 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:833596 (814.0 Kb)  TX bytes:289198 (282.4 Kb)
          Interrupt:11 Base address:0xdf00

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:523 errors:0 dropped:0 overruns:0 frame:0
          TX packets:523 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:43982 (42.9 Kb)  TX bytes:43982 (42.9 Kb)

ppp0      Link encap:Point-to-Point Protocol
          inet addr:200.55.xxx.xxx  P-t-P:200.32.0.14  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492  Metric:1
          RX packets:2185 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2403 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:3
          RX bytes:776044 (757.8 Kb)  TX bytes:226470 (221.1 Kb)
The other machine is a WinXP, connected via hub (hardware works fine):
IP (static): 192.168.1.2
Netmask: 255.255.255.0
Gateway: 192.168.1.1

I also tried with dynamic IP, but it can't find the DHCP server.
When I ping 192.168.1.1 from the WinXP, I get "host unreachable".

Thank you in advance.
Andres.
 
Old 07-12-2004, 05:33 AM   #2
lachlan
Member
 
Registered: Jan 2002
Location: New Zealand
Distribution: Mandrake 9.1,Suse 8.2
Posts: 139

Rep: Reputation: 15
Try ifconfig eth0 192.168.1.1 netmask 255.255.255.0 up (as root).If that does not work you could try making a new lan connection.

Lachlan
 
Old 07-12-2004, 08:28 AM   #3
Singing Banzo
LQ Newbie
 
Registered: Jul 2004
Posts: 20

Original Poster
Rep: Reputation: 0
But you can see it already has that configuration. What do you mean with "making a new lan connection"? Delete eth0 and install again as new?

As a side note, I tried Coyote Linux with the same parameters, and worked like a charm.
 
Old 07-12-2004, 08:47 AM   #4
pingu
Senior Member
 
Registered: Jul 2004
Location: Skuttunge SWEDEN
Distribution: Debian preferably
Posts: 1,350

Rep: Reputation: 127Reputation: 127
eth0 has an IP all right, but not eth1.
Have you got them mixed up?
Try moving network cable to the other NIC, or give eth1 a valid IP:
# ifconfig eth1 192.168.1.3
 
Old 07-12-2004, 09:11 AM   #5
Singing Banzo
LQ Newbie
 
Registered: Jul 2004
Posts: 20

Original Poster
Rep: Reputation: 0
No, eth1 address is assigned on ADSL connection, and it's working fine (I can navigate and everithing on Linux box).



Anyway, thank you for the answers. I'm feeling less alone.
 
Old 07-13-2004, 09:27 AM   #6
pingu
Senior Member
 
Registered: Jul 2004
Location: Skuttunge SWEDEN
Distribution: Debian preferably
Posts: 1,350

Rep: Reputation: 127Reputation: 127
Hmmm...
Are you sure you really have a problem?
I mean, not being able to ping is not necessarily a problem, you did choose high security. That includes not answering ping's.

But the sharing doesn't work, right?
Try this:
# iptables -L
should clear all firewalling rules. (I hope I remember it correct? Type just 'iptables' it'll give you a lot of options.)
Or look in Mandrakes controlcenter about security/firewall.
 
Old 07-14-2004, 08:46 PM   #7
Singing Banzo
LQ Newbie
 
Registered: Jul 2004
Posts: 20

Original Poster
Rep: Reputation: 0
Well, it seems that you was right, I still can't ping, but connection sharing is working! I just continue with the configuration process, thank this. =)
 
Old 07-14-2004, 09:26 PM   #8
sh1ft
Member
 
Registered: Feb 2004
Location: Ottawa, Ontario, Can
Distribution: Slackware, ubuntu
Posts: 391

Rep: Reputation: 31
Quote:
Originally posted by pingu

# iptables -L
should clear all firewalling rules. (I hope I remember it correct? Type just 'iptables' it'll give you a lot of options.)
Or look in Mandrakes controlcenter about security/firewall.
iptables -L will only list all your firewall rules. To clear them all (i don't recommend this) you need to do iptables -F (flush) as root.
 
Old 07-15-2004, 01:19 AM   #9
pingu
Senior Member
 
Registered: Jul 2004
Location: Skuttunge SWEDEN
Distribution: Debian preferably
Posts: 1,350

Rep: Reputation: 127Reputation: 127
Thanks, sh1ft
Just wanted to add that you don't clear iptables permanently, I meant it only for testing what's blocking pings.
Anyway, he's got it solved.
 
Old 07-18-2004, 01:29 PM   #10
salscozzari
Member
 
Registered: Sep 2003
Posts: 36

Rep: Reputation: 15
What exactly did you do if anything to get the sharing to work? Was it always working and you just could not ping? I am trying the same thing. ETH0 is the WAN connection and ETH1 is the LAN connection. ETH0 is getting it's address from the comcast DHCP server, ETH1 is assigned an internal address. I ran the internet connection sharing wizard and no one could connect or even obtain an IP address. I set the Mandrake box up for DHCP, I then went in and noticed Squid was not started. Do I need Squid to use the internet sharing? I set up Squid and started it but still have nothing. The clients are windows clients and "ipconfig /all" reports the linux LAN NIC as the default gateway and DHCP is assigning the comcast DNS server, using an IP Address in the browser does nothing so it is not a DNS problem. Any insight here?
 
Old 07-19-2004, 07:08 AM   #11
pingu
Senior Member
 
Registered: Jul 2004
Location: Skuttunge SWEDEN
Distribution: Debian preferably
Posts: 1,350

Rep: Reputation: 127Reputation: 127
It could be that you need to enable ip-forwarding.
---------------------------------------------------------------------------------
(I'm copying this from a post by Covel)

If you have iptables:
#enable forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
--------------------------------------------------------------------------------

What is your eth1 connected to? You are talking about "clients", more than one means you have a hub, switch or router here. Which is it?
These clients have eth1 as default gateway, right?

More questions than answers, I'm afraid, with a few more details I hope I can give you some more answers!

Last edited by pingu; 07-19-2004 at 07:17 AM.
 
Old 07-19-2004, 08:24 PM   #12
salscozzari
Member
 
Registered: Sep 2003
Posts: 36

Rep: Reputation: 15
The clients are connected to a simple switch, along with ETH1. ETH0 is connected to a cable modem. No I did not do anything to enable IP fprwarding, I am assuming Mandrake did that with its internet sharing tool. Yes the clients have ETH1 for a gateway.
 
Old 08-16-2004, 07:35 AM   #13
pelgrimforever
Member
 
Registered: Aug 2004
Location: Pelgrim"s home
Posts: 140

Rep: Reputation: 15
I tried:
/proc/sys/net/ipv4/ip_forward

as meantioned in the beginning of this topic.
I get a permission denied,
I'm loggid in as root.

I'm getting rather desperate,
after 3 days trying I still can't get internet sharing up and running ...
 
Old 03-30-2005, 02:40 AM   #14
ardee
LQ Newbie
 
Registered: Jun 2004
Distribution: Gentoo Linux, Ubuntu, Manderake 10 Official
Posts: 5

Rep: Reputation: 0
Talking

Quote:
iptables -L will only list all your firewall rules. To clear them all (i don't recommend this) you need to do iptables -F (flush) as root.
Had the same problem with my Mandrake 10. Flushing the iptables didn't work, so I did some quick and dirty brute force for the pesky iptables:

on root:

service iptables stop

If this doesn't still work, try

init 6

This would reboot your machine.

Worked like magic in my case.

Last edited by ardee; 03-30-2005 at 02:43 AM.
 
Old 03-30-2005, 09:34 PM   #15
Dogface1SG
Member
 
Registered: Oct 2003
Posts: 30

Rep: Reputation: 15
Mandrake and internet sharing

when you set up Internet sharing Mandrake installs Shorewall if it isn't already.

go to the /etc/shorewall directory and edit: Rules, Masq, Interfaces, Policy, and Zones.

Below are my files. They will not be the same as Mandrake shorewalls as they have masq as a zone. Where ever you see loc in mine it should be masq in yours. There are explaination above the rules telling you what and how to do things.

RULES
ACCEPT fw net tcp 53
ACCEPT fw net udp 53
ACCEPT loc fw tcp 22,23,9100
ACCEPT loc fw udp 23,9100
ACCEPT loc fw icmp 8
ACCEPT net fw icmp 8
ACCEPT fw loc icmp
ACCEPT fw net icmp
ACCEPT fw loc tcp 23,9100
ACCEPT fw loc udp 23,9100

MASQ
eth0 eth1

INTERFACES
net eth0 detect dhcp,routefilter,norfc1918,tcpflags
loc eth1 detect tcpflags

POLICY
loc net ACCEPT
fw loc ACCEPT
fw net ACCEPT
net all DROP info
all all REJECT info

ZONES
net Net Internet zone
loc Local Local

I went to Shorewall and did some reading. They recommend getting your internet connection working then removing the Mandrake Shorewall and installing a fresh copy. That is why I don't have masq.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Internet Connection, yet no loopback ping?? cuschu Linux - Networking 20 07-14-2005 06:52 AM
mdk 10.1 - Firewall allows either NFS or Internet connection sharing, not both joseph_k Linux - Networking 3 03-22-2005 01:33 PM
No Internet connection W/mdk 10 tsw Mandriva 5 05-13-2004 05:34 PM
Sharing Internet with two machines, ping doen't work sandrain Linux - Networking 7 02-24-2004 12:59 PM
MDK 9.0, Internet Connection Sharing and Shorewall... deputyjim Linux - Networking 1 11-21-2002 03:14 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 09:54 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration