Review your favorite Linux distribution.
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 01-02-2005, 07:10 PM   #1
LQ Newbie
Registered: Jan 2005
Posts: 4

Rep: Reputation: 0
Question Firewall Gateway Setup Problem

I've setup a LINUX PC running SUSE 9.2 that has one leg in the Internet and the other on a Intranet (home network). I have my a laptop also running the same OS as the gateway PC, which is connected directly to the NIC via a crossover cable.

I can ping the interface just fine. Could someone tell me please, why can I not ping the 64.x.x.x NIC that's going to my DSL modem and out to the Internet?

When I run tcpdump to show a ping action to my Intranet NIC via the laptop:
15:53:22.862725 IP > icmp 64: echo reply seq 2
15:53:23.862664 IP > icmp 64: echo request seq 3
Versus the same way to the other NIC on the gateway going to the Internet:
15:53:42.017753 IP > icmp64: echo request seq 2
I will not receive the echo reply sequence.

My routing on the gateway machine:
Destination Gateway Genmask Flags Metric Ref Use Iface U 0 0 0 eth0
64.1xx.xx.0 U 0 0 0 eth1 U 0 0 0 eth0 U 0 0 0 lo 64.1xx.xx.1 UG 0 0 0 eth1
My routing on my laptop client connected via crossover cable to the gateway machine:
Destination Gateway Genmask Flags Metric Ref Use Iface U 0 0 0 eth0 U 0 0 0 eth0 U 0 0 0 lo UG 0 0 0 eth0

On the SuSEFirewall2 I have:
FW_ROUTE = yes

Everything else is set to the default in /etc/sysconfig Editor.
Once I can ping the external card, then I know I can get the clients attached to the
Gateway Firewall box to the Internet.

Thanks in advance,
Old 01-02-2005, 09:05 PM   #2
LQ Newbie
Registered: Jan 2005
Posts: 4

Original Poster
Rep: Reputation: 0
I found out when following this web doc:
that I only get a ping response if I ping directly to my host -
and get no response if I do the broadcast ping:

If the network card tests have been successful, proceed now to test if the clients can be reached from the gateway. Use the command ping for this purpose. At least some clients should react to the command ping -c 3 -b The output should be similar to:

WARNING: pinging broadcast address
PING ( from : 56(84) bytes of data.
64 bytes from icmp_seq=1 ttl=255 time=0.774 ms
64 bytes from icmp_seq=1 ttl=64 time=1.19 ms (DUP!)
64 bytes from icmp_seq=1 ttl=255 time=1.30 ms (DUP!)
64 bytes from icmp_seq=1 ttl=64 time=1.57 ms (DUP!)

--- ping statistics ---
2 packets transmitted, 2 received, +3 duplicates, 0% loss, time 1010ms
rtt min/avg/max/mdev = 0.325/1.033/1.573/0.438 ms

In this example, the machines with the IP addresses (gateway) and to (clients) have replied. If you know the IP address of a client, ping it directly to test the connection.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Mandrake as gateway/firewall -Problem bringing up two NIC zhex900 Linux - Networking 6 06-01-2005 08:24 PM
Mandrake 10, gateway/firewall setup HOWTO zhex900 Linux - Networking 1 12-23-2004 08:47 AM
Setup linux gateway + firewall (redhat 9.0) mirt Linux - Networking 4 04-27-2004 01:46 AM
help with client side NFS-firewall setup and server side NIS-firewall setup niverson Linux - Networking 3 02-02-2004 08:52 AM
Linux gateway/firewall problem dal-san Linux - Networking 3 10-31-2003 03:53 AM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 03:34 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration