Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have Internet access from my firewall/linux box but my MS box (192.168.0.2) can no longer access the internet but can access the linux box (ping, samba etc). Everything has been running great for the last 2 months without a problem but it just stopped dead today.
and please also check these /proc settings..
cat /proc/sys/net/ipv4/tcp_ecn # should be 0
Another member here had this change after an update..
and cat /proc/sys/net/ipv4/ip_forward # should be 1
Last edited by peter_robb; 12-19-2004 at 01:19 PM.
Wow Im at a loss.... everything still looks good..but Im not very good at this stuff
[root@firewall root]# iptables-save
# Generated by iptables-save v1.2.9 on Sun Dec 19 13:23:14 2004
*mangle
:PREROUTING ACCEPT [6139:1225043]
:INPUT ACCEPT [6139:1225043]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [8159:7719359]
:POSTROUTING ACCEPT [8165:7720796]
COMMIT
# Completed on Sun Dec 19 13:23:14 2004
# Generated by iptables-save v1.2.9 on Sun Dec 19 13:23:14 2004
*nat
:PREROUTING ACCEPT [396:128942]
:POSTROUTING ACCEPT [282:19442]
:OUTPUT ACCEPT [282:19442]
-A POSTROUTING -s 192.168.0.0/255.255.255.0 -o eth0 -j SNAT --to-source 24.14.xxx.xxx (edited)
COMMIT
# Completed on Sun Dec 19 13:23:14 2004
# Generated by iptables-save v1.2.9 on Sun Dec 19 13:23:14 2004
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [8159:7719359]
:TRUSTED - [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 143 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A INPUT -s 192.168.0.0/255.255.255.0 -i eth1 -m state --state NEW -j ACCEPT
-A INPUT -i eth1 -p udp -m state --state NEW -m udp --dport 67 -j ACCEPT
-A INPUT -i lo -m state --state NEW -j ACCEPT
-A INPUT -m state --state NEW -j TRUSTED
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 192.168.0.0/255.255.255.0 -i eth1 -m state --state NEW -j ACCEPT
-A FORWARD -m state --state NEW -j TRUSTED
-A OUTPUT -d 192.168.0.0/255.255.255.0 -o eth1 -p icmp -j ACCEPT
-A OUTPUT -p icmp -m state --state INVALID -j DROP
-A TRUSTED -s 209.117.5.0/255.255.255.0 -j ACCEPT
-A TRUSTED -d 24.14.xxx.xxx (edited) -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A TRUSTED -d 192.168.0.1 -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A TRUSTED -p icmp -j DROP
-A TRUSTED -j REJECT --reject-with icmp-port-unreachable
COMMIT
# Completed on Sun Dec 19 13:23:14 2004
[root@firewall root]# cat /proc/sys/net/ipv4/tcp_ecn
0
[root@firewall root]# cat /proc/sys/net/ipv4/ip_forward
1
I compared a few options on my MS box and the laptop...
Under the DNS tab - the Append parent suffixes of the primary DNS suffix was turned on the laptop for resolution of unqualified names.
and the WINS tab / NetBIOS setting - Enable NetBIOS over TCP/IP was checked on the laptop and the other box had the Default (Use Netbios setting from teh DHCP server. If static IP address is used or the DHCP server does not provide NetBIOS setting, enable NetBIOS over TOP/IP) setting checked.
I also turned off the MS firewall, but this was on the laptop too....
Once all that was changed, I could connect to the internet....I turned the firewall back on and could still connect, but with that flaky MS crap I just kept it off.
Im still curious to see what you gurus think.
TheGnubie
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.