Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place! |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
02-23-2002, 02:25 PM
|
#1
|
LQ Newbie
Registered: Feb 2002
Location: Scotland
Distribution: Mandrake 8.1
Posts: 7
Rep:
|
Linux refuses to send packets via Internet
Hello!
I've been experiencing some problems - well, one really. I have my Linux box set up as a masquerading gateway to the Internet. I have a network 192.168.0.0 on eth0. The box's IP is 192.168.0.1 and is statically assigned. The Internet is accessed using a modem, whose IP address is dynamically assigned by the ISP.
I have a basic firewall set up using iptables.
Everything has been set up using MCC and using various HOWTOs. However, the Internet doesn't work. It connects all right, but then doesn't do anything. In the details of kppp, it says that only four packets have been sent and received. This number does not change. I guess those packets are the user name and password authentication to my ISP.
There's probably one setting eluding me, and I can't find it. Any ideas?
Oh, almost forgot. I'm running Mandrake 8.1.
Oh, also almost forgot that the network seems to be running ok - pinging works. Pinging the local IP address (modem) from the Linux box seems ok, and also from another comp on the network. I can only ping the ISP server address from the Linux box (only works some of the time) but I can't from any other comp on the network. I can't ping any other IP address on the Internet from any computer.
If you need any more info, tell me, and I'll provide it.
Thanks in advance!
|
|
|
02-24-2002, 06:28 AM
|
#2
|
Moderator
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,696
|
Hi,
It looks there is something wrong with your firewall. Could you send results of iptables -L ?
Mara
|
|
|
02-24-2002, 07:06 AM
|
#3
|
LQ Newbie
Registered: Feb 2002
Location: Scotland
Distribution: Mandrake 8.1
Posts: 7
Original Poster
Rep:
|
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
And another note - my firewall is the file http://www.ecst.csuchico.edu/~dranch...c.firewall-2.4 and it is loaded at startup (it takes ages to check all the kernel modiles!)
Thanks for the quick response!
Tungro
|
|
|
02-24-2002, 08:12 AM
|
#4
|
Moderator
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,696
|
Hi,
This script masquerades from one ethernet card to another. Is it what you want? If not chabge value of EXTIF (it'sthe interface your packets are sent to).
Mara
|
|
|
02-24-2002, 08:17 AM
|
#5
|
LQ Newbie
Registered: Feb 2002
Location: Scotland
Distribution: Mandrake 8.1
Posts: 7
Original Poster
Rep:
|
Whoops, sorry, I forgot to mention I made two changes to that script. I changed EXTIF to ppp0 and INTIF to eth0. Another change was that I changed the location of iptables to /sbin/iptables because that's where it exists.
Tungro
|
|
|
02-24-2002, 09:39 AM
|
#6
|
Moderator
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,696
|
Hi,
Your machine is not masqerading. That's why I was asking. But now maybe try
iptables -t nat -A POSTROUTING -o ppp0 -j MASQERADE
from console. There might be a problem, because I think firewall is started before interface ppp0. Maybe try also change ppp0 to ppp+. It was good for ipchains (previous version in kernels 2.2.x), but I haven't tried it with 2.4.x.
Mara
|
|
|
02-24-2002, 05:33 PM
|
#7
|
LQ Newbie
Registered: Feb 2002
Location: Scotland
Distribution: Mandrake 8.1
Posts: 7
Original Poster
Rep:
|
Hello
No luck with that. I did type that in a console before and after logging in to my ISP, and although it accepted it (is MASQERADE meant to be MASQUERADE? I tried it with a U) doing iptables -L still gave the same as before. And the ping thing - I can ping the ISP computer fine and it sends packets and receives packets all right. But pinging anything else, and it doesn't like it. What I'll do is try to ping some other sites on the Internet, in case the IP address of the site I am testing with is no longer in existence. But I doubt that's true...
Tungro
|
|
|
02-25-2002, 02:18 PM
|
#8
|
LQ Newbie
Registered: May 2001
Location: UK
Distribution: RedHat 8.0
Posts: 14
Rep:
|
I have had a similar problem with RH7.2. The the document at the following link http://axion.physics.ubc.ca/ppp-linux.html especally in respect to the section on routes. I found RH had added an extra route entry.
|
|
|
02-26-2002, 01:52 PM
|
#9
|
LQ Newbie
Registered: Feb 2002
Location: Scotland
Distribution: Mandrake 8.1
Posts: 7
Original Poster
Rep:
|
Success!
Hello again
Thank you for the prompt replies - you have all been very helpful. My problem was solved when I deleted the default route - that was what was causing all the problems.
I have just one final niggle. When loading the rc.firewall script, it takes ages checking all the kernel modules. Is there a quicker way to do this, or is this really necessary? I reboot often (unlike most Linux users, I know) so a kind of fast boot is advantageous.
Cheers!
Tungro
|
|
|
02-27-2002, 12:19 PM
|
#10
|
LQ Newbie
Registered: Feb 2002
Location: Scotland
Distribution: Mandrake 8.1
Posts: 7
Original Poster
Rep:
|
Hello
Is it okay to skip checking all the kernel modules in the rc.firewall script? Or, even better, is there a way to do this a lot faster? At the moment, booting up takes an age!
Tungro
|
|
|
02-27-2002, 02:23 PM
|
#11
|
Moderator
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,696
|
If you use a procompiled kernel, it's usually safe not to check. But all neccessary network modules must be loaded!
|
|
|
02-27-2002, 03:27 PM
|
#12
|
LQ Newbie
Registered: Feb 2002
Location: Scotland
Distribution: Mandrake 8.1
Posts: 7
Original Poster
Rep:
|
Thanks! It is a precompiled kernel, so that should be okay.
Cheers!
Tungro
|
|
|
All times are GMT -5. The time now is 04:47 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|