[ale] NAT Help needed!

Philip Polstra ppolstra at gmail.com
Wed Feb 9 14:27:28 EST 2005


Nothing is showing up in the logs?!

The address of eth1 which is connected to the local network is
192.168.1.5.  Eth0 is connected to the ISP using DHCP off a 10.0.0.0
network.

I can ping 192.168.1.5 from anywhere and also can ping from the router
machine to anywhere inside or outside the network.  The other machines
(which dual boot FC3/Windozes) have the gateway set to 192.168.1.5.




On Wed, 9 Feb 2005 14:03:08 -0500, Robert L. Harris
<Robert.L.Harris at rdlg.net> wrote:
> 
> 
> Ok, do this:
> 
>   Make sure that your iptable output error messages are being logged.  I
> do it with this:
> 
> $IPTABLES -A cleanup -j LOG --log-level debug --log-prefix "IPTables v4 Dropped: "
> $IPTABLES -A cleanup -j DROP
> 
> That way you can check to see if it's your firewall with this:
> 
> {130}:/var/log>tail -20f syslog | grep IPT
> Feb  9 13:59:29 wally kernel: IPTables v4 Dropped: IN=eth0 OUT= MAC=00:60:08:1c:7a:b5:00:0b:bf:7c:cc:a8:08:00 SRC=70.49.25.19 DST=68.184.148.196 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=10687 DF PROTO=TCP SPT=2044 DPT=21505 WINDOW=65535 RES=0x00 SYN URGP=0
> Feb  9 13:59:35 wally kernel: IPTables v4 Dropped: IN=eth0 OUT= MAC=00:60:08:1c:7a:b5:00:0b:bf:7c:cc:a8:08:00 SRC=70.49.25.19 DST=68.184.148.196 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=11136 DF PROTO=TCP SPT=2044 DPT=21505 WINDOW=65535 RES=0x00 SYN URGP=0
> 
> That way you can get a machine behind to ping out and see where you're
> getting blocked.
> 
> 
> Thus spake Philip Polstra (ppolstra at gmail.com):
> 
> > On Wed, 9 Feb 2005 13:48:26 -0500, Robert L. Harris
> > <Robert.L.Harris at rdlg.net> wrote:
> > >
> > >
> > > Ok, from the FC3, can you ping the default gateway outwards to the
> > > Internet?  Can you ping a couple machines behind the FC3 in the nat'd
> > > area?
> > Yes, and yes.
> > >
> > > What do you get for "cat /proc/sys/net/ipv4/ip_forward"?
> > 1
> > >
> > > Thus spake Philip Polstra (ppolstra at gmail.com):
> > >
> > > > Our router went down yesterday at the high school so we decided to set
> > > > up a FC3 machine to be the new router.  I can't get it to forward
> > > > packets from other machines in the network despite following the
> > > > instructions to set up the router with NAT exactly.  I have the
> > > > ability to connect to the internet and the local network on the router
> > > > machine, but nothing gets forwarded.
> > > >
> > > > I'm using iptables.  Any ideas?
> > >
> > > :wq!
> > > ---------------------------------------------------------------------------
> > > Robert L. Harris                     | GPG Key ID: E344DA3B
> > >                                          @ x-hkp://pgp.mit.edu
> > > DISCLAIMER:
> > >       These are MY OPINIONS             With Dreams To Be A King,
> > >        ALONE.  I speak for              First One Should Be A Man
> > >        no-one else.                       - Manowar
> > >
> > >
> > >
> >
> 
>
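
Added example, not part of the original thread: a small parser for the LOG lines quoted above that groups drops by path, so drops aimed at the router itself can be told apart from drops of forwarded LAN traffic. It relies on netfilter's LOG format, where `IN=` and `OUT=` are both set only for forwarded packets; the function names and the third sample line are constructed for illustration.

```python
import re
from collections import Counter

PREFIX = "IPTables v4 Dropped: "          # the --log-prefix used in the thread
FIELD_RE = re.compile(r"(\w+)=(\S*)")     # KEY=value pairs; value may be empty (OUT=)

# First two lines are the ones quoted in the thread; the third is constructed
# to show what a dropped forwarded packet from the 192.168.1.0 side looks like.
SAMPLE_LOG = """\
Feb  9 13:59:29 wally kernel: IPTables v4 Dropped: IN=eth0 OUT= MAC=00:60:08:1c:7a:b5:00:0b:bf:7c:cc:a8:08:00 SRC=70.49.25.19 DST=68.184.148.196 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=10687 DF PROTO=TCP SPT=2044 DPT=21505 WINDOW=65535 RES=0x00 SYN URGP=0
Feb  9 13:59:35 wally kernel: IPTables v4 Dropped: IN=eth0 OUT= MAC=00:60:08:1c:7a:b5:00:0b:bf:7c:cc:a8:08:00 SRC=70.49.25.19 DST=68.184.148.196 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=11136 DF PROTO=TCP SPT=2044 DPT=21505 WINDOW=65535 RES=0x00 SYN URGP=0
Feb  9 14:30:02 router kernel: IPTables v4 Dropped: IN=eth1 OUT=eth0 SRC=192.168.1.20 DST=203.0.113.10 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=4242 SEQ=1
"""

def classify(fields):
    """Infer which path the packet was on from the IN=/OUT= interfaces."""
    has_in, has_out = bool(fields.get("IN")), bool(fields.get("OUT"))
    if has_in and has_out:
        return "forward"   # routed through the box: the NAT case
    if has_in:
        return "input"     # addressed to the router itself
    if has_out:
        return "output"    # generated by the router itself
    return "unknown"

def parse_drop(line, prefix=PREFIX):
    """Return the fields of one LOG line, or None if the prefix is absent."""
    _, found, rest = line.partition(prefix)
    if not found:
        return None
    fields = dict(FIELD_RE.findall(rest))
    fields["FLAGS"] = [tok for tok in rest.split() if "=" not in tok]  # DF, SYN, ...
    fields["PATH"] = classify(fields)
    return fields

def summarize(text):
    """Count drops per (path, in, out, src, dst, proto, dport)."""
    counts = Counter()
    for line in text.splitlines():
        f = parse_drop(line)
        if f:
            key = (f["PATH"], f.get("IN", ""), f.get("OUT", ""), f.get("SRC", ""),
                   f.get("DST", ""), f.get("PROTO", ""), f.get("DPT", ""))
            counts[key] += 1
    return counts

if __name__ == "__main__":
    for key, n in summarize(SAMPLE_LOG).most_common():
        print(n, *key)
```

On the two lines from the thread this reports only `input` drops on eth0, which are unrelated inbound probes; a NAT problem caught by the logging rule would show up as `forward` entries with `IN=eth1 OUT=eth0`.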


