On Tue, May 16, 2000 at 07:24:09AM -0600, Dwayne C . Litzenberger wrote > I have a box that I want to do IP forwarding. But, I can't ping outside > hosts through it. The firewall sends packets from me, but it doesn't > re-forward the ICMP echo replies (although you can see them with iptraf in > promiscuous mode) back. > > # ipchains -L > Chain input (policy ACCEPT): > Chain forward (policy ACCEPT): > Chain output (policy ACCEPT): > > # cat /proc/sys/net/ipv4/ip_forward > 1 >
Try this: # echo 0 > /proc/sys/net/ipv4/conf/eth0/rp_filter # echo 0 > /proc/sys/net/ipv4/conf/eth1/rp_filter (and repeat for any other network cards you may have installed in the two machines). If that helps, read /usr/src/linux/Documentation/networking/ip-sysctl.txt and look at /etc/init.d/netbase. Some network configurations (e.g., satellite downlinks or multiple, multihomed machines) may require different handling than the default, or more careful planning of network routing. John P. -- [EMAIL PROTECTED] [EMAIL PROTECTED] http://www.mdt.net.au/~john Debian Linux admin & support:technical services
