LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-04-2006, 02:32 PM   #1
sarajevo
Member
 
Registered: Apr 2005
Distribution: Debian, OpenBSD,Fedora,RedHat
Posts: 228
Blog Entries: 1

Rep: Reputation: 31
NAT works, but when I change machine it stops!!!


Hi ,
I made nat on compA ( two network interfaces )

compA-----------crossover cable------------------compB

on compB I have not any firewall, compB has ip address 192.168.1.10
Internal interface on compA has ip address 192.168.1.1--gateway for compB. I can go to internet from compB in this environment.
When I change RJ-45 jack from compB to another machine compC ( compC has the same configuration as compB previously) I can not surf any more.
OS is debian on all machines. I just switch on to other machine.
I tried to change ip address on compC ( for example 192.168.1.20 ) and I have the same situation.
I did not make any changes on compA. I did not even touch it )

So is there any solution for this problem ?
Any comment is welcome.

Thanks in advance


Last edited by sarajevo; 08-04-2006 at 02:35 PM.
 
Old 08-04-2006, 03:26 PM   #2
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
could it be that compA is using source IP address filtering?? perhaps even mac address filtering?? could you post the iptables rules from compA??
Code:
/sbin/iptables -L -n -v
also, are you 100% sure that compC has the proper IP configuration?? and that it doesn't have any iptables rules of its own which could be filtering its outgoing packets?? can compC ping itself??

post the ifconfigs from compB and compC also if you can...
Code:
/sbin/ifconfig

Last edited by win32sux; 08-04-2006 at 03:28 PM.
 
Old 08-04-2006, 03:39 PM   #3
sarajevo
Member
 
Registered: Apr 2005
Distribution: Debian, OpenBSD,Fedora,RedHat
Posts: 228

Original Poster
Blog Entries: 1

Rep: Reputation: 31
It is possibe ping from compA to compA and visa versa. compC can ping itself. It is possible ssh from compA to compC.
compC has not any kind of firewall.

iptables -L -n -v from compA is as follows. compC has a proper address configuration. I checked it hundred times.

iptables -L -n -v ( on compA)
Chain INPUT (policy ACCEPT 18326 packets, 9664K bytes)
pkts bytes target prot opt in out source destination
1504 45056 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
4840 3312K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
4 312 ACCEPT all -- !ppp0 * 0.0.0.0/0 0.0.0.0/0 state NEW

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
2888 2427K ACCEPT all -- ppp0 eth1 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
3070 688K ACCEPT all -- eth1 ppp0 0.0.0.0/0 0.0.0.0/0
0 0 REJECT all -- ppp0 ppp0 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable

Chain OUTPUT (policy ACCEPT 27171 packets, 3709K bytes)
pkts bytes target prot opt in out source destination



iptables -L -v -n ( from compC)

iptables -L -v -n
Chain INPUT (policy ACCEPT 773 packets, 126K bytes)
pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 709 packets, 123K bytes)
pkts bytes target prot opt in out source destination


It works but when I change machine it won't.

Thanks
 
Old 08-04-2006, 03:45 PM   #4
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
can compC ping an Internet IP?? how about an Internet domain name??

if compC can ping compA, but not Internet IPs, you need to make sure the gateway address is properly configured on compC...

if compC can ping compA, can ping Internet IPs, but can not ping Internet domains (or surf), you need to make sure the DNS server addresses are properly configured on compC...

Last edited by win32sux; 08-04-2006 at 04:01 PM.
 
Old 08-04-2006, 03:46 PM   #5
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
even though you've already checked, it would be great if you could post the output of these from compB and compC so we can compare:
Code:
/sbin/ifconfig
Code:
/sbin/route -n
Code:
cat /etc/resolv.conf

Last edited by win32sux; 08-04-2006 at 04:09 PM.
 
Old 08-04-2006, 04:11 PM   #6
sarajevo
Member
 
Registered: Apr 2005
Distribution: Debian, OpenBSD,Fedora,RedHat
Posts: 228

Original Poster
Blog Entries: 1

Rep: Reputation: 31
Thank you. I had disparity in etc/resolv.com

It works now.

Regards
 
Old 08-04-2006, 04:12 PM   #7
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
Quote:
Originally Posted by sarajevo
Thank you. I had disparity in etc/resolv.com

It works now.

Regards
hehe, cool... happy to help...
 
Old 08-04-2006, 04:24 PM   #8
sarajevo
Member
 
Registered: Apr 2005
Distribution: Debian, OpenBSD,Fedora,RedHat
Posts: 228

Original Poster
Blog Entries: 1

Rep: Reputation: 31
Quote:
Originally Posted by win32sux
hehe, cool... happy to help...
thanks again



Regards from Sarajevo
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
FGLRX driver works initially in SuSe 10.0, then stops Elomis Linux - Software 4 10-30-2005 05:42 PM
Installation stops in the middle of bootup (on new machine) lostinpurdy Linux - Newbie 4 10-05-2005 09:12 PM
Wired network works for a few seconds and then stops paulbutcher Linux - Networking 7 07-05-2005 07:54 AM
IBM ThinkPad, the sound works on boot, but then stops. larwana Linux - Laptop and Netbook 0 03-16-2004 12:36 PM
VNC Works then stops! Reboot fixes but then it stops again! Leethal Linux - Software 1 02-26-2004 07:57 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 04:14 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration