I've fixed it now Ron, turned out to be problems firstly with my DNS configuration on the Windows box, then the fact that I had ipchains rules floating about - needed to do a ipchains -F then the real rules and all is fine now. Thanks for the interest and the help.
Cheers, Corey Popelier http://members.dingoblue.net.au/~pancreas Work Email: [EMAIL PROTECTED] On Wed, 31 May 2000, Ron Rademaker wrote: > Did you do: 'echo 1 > /proc/sys/net/ipv4/ip_forward' > /proc/sys/net/ipv4/ip_forward must be 1 if you want ip masquerading > enabled! > > Ron > > PS. Check if you got the right things in your kernel, otherwise you'll > have to recompile it. > > On Wed, 31 May 2000, Corey Popelier wrote: > > > Ok I had forgotten the dns setting (Sigh). > > Now I get a lot of "udp port domain unreachable" messages in my tcpdump. > > > > Cheers, > > Corey Popelier > > http://members.dingoblue.net.au/~pancreas > > Work Email: [EMAIL PROTECTED] > > > > On Wed, 31 May 2000 [EMAIL PROTECTED] wrote: > > > > > Why are you using a proxy, just go to your win network option, to the > > > tcp/ip properties and set the gateway to the lin box, as well as the > > > dns... > > > > > > Ron > > > > > > By the way, did you try adding that masq ipchains rule? > > > > > > On Wed, 31 May 2000, Corey Popelier wrote: > > > > > > > Some additional information I can give, is that a ping from the Windows > > > > box behaves as follows: > > > > > > > > (win) ping 203.24.100.1 > > > > > > > > (tcpdump from linux box) > > > > > > > > 10.0.0.2 > dialup-gw.aceonline.com.au: icmp: echo request > > > > (above line times 4). > > > > > > > > Now this would indicate to me that IP forwarding is occurring. But no > > > > reply is coming back (possibly due to ICMP Masq not compiled in kernel). > > > > > > > > Now I have told the Win box to use a gateway of 10.0.0.1 (Lin box). If I > > > > set the proxy to use to in IE to 10.0.0.1, a tcpdump says: > > > > > > > > 10.0.0.1.wwww > 10.0.0.2.1033 ...etcetc > > > > 10.0.0.2.1033 > 10.0.0.1.www ...etcetc > > > > arp who-has 10.0.0.2 tell 10.0.0.1 > > > > arp reply 10.0.0.2 is-at 0:a0:24:96:43:bc > > > > > > > > What I am trying to establish is if whether I am missing kernel options, > > > > or whether I've just got a configuration problem. > > > > > > > > Thanks Ron btw. > > > > > > > > Cheers, > > > > Corey Popelier > > > > http://members.dingoblue.net.au/~pancreas > > > > Work Email: [EMAIL PROTECTED] > > > > > > > > On Tue, 30 May 2000, Ron Rademaker wrote: > > > > > > > > > I'm not a telepath, I can't see from here if you got the right things > > > > > in > > > > > your kernel ;) But you ipchains misses something, the masquerading, > > > > > you > > > > > should do: > > > > > > > > > > ipchains -A forward -j MASQ -s <you lan network>/24 -d 0/0 > > > > > > > > > > I can tell you what you should have in your kernel: IP Masquerading, > > > > > if > > > > > you want to masquerade ping, you should also have ICMP Masqerading. > > > > > > > > > > Ron Rademaker > > > > > > > > > > On Tue, 30 May 2000, Corey Popelier wrote: > > > > > > > > > > > Ok I now have my Debian and Windows boxes networked, and I tried to > > > > > > set up > > > > > > IP Chains as follows: > > > > > > > > > > > > ipchains -P forward DENY > > > > > > ipchains -A forward -i ppp0 -j ACCEPT > > > > > > > > > > > > Now whenever I traceroute something from the Win box I get: > > > > > > > > > > > > 1 1ms <10ms <10ms (Linux box). > > > > > > 2 * * * > > > > > > > > > > > > etc. > > > > > > Now I realise ICMP packets are handled by a different kernel > > > > > > option. Can I > > > > > > get this working without building a new kernel? > > > > > > > > > > > > Secondly, I have set the Win box with a gateway of the Lin box, and > > > > > > web > > > > > > pages still won't load. Now I've heard this is the case if the IP > > > > > > Masq > > > > > > stuff wasn't included in the kernel (2.2.15pre19-1 btw, and Win98), > > > > > > and > > > > > > the only hint I've seen in HOWTO's is to check for a file: > > > > > > > > > > > > /proc/net/ipfw_chains > > > > > > > > > > > > I get a file listed when I ls -al this (its 0 bytes tho). > > > > > > > > > > > > Now have I just simply missed kernel options and thus need to build > > > > > > a new > > > > > > one, and if so which, or what is going on that causes me to not be > > > > > > able to > > > > > > access the web from the Windows box, using the Linux box as the > > > > > > gateway? > > > > > > > > > > > > > > > > > > Cheers, > > > > > > Corey Popelier > > > > > > http://members.dingoblue.net.au/~pancreas > > > > > > Work Email: [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > -- > > > > > > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null > > > > > > > > > > > > > > > > > > > > > > > > -- > > > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null > > > > > > > > -- > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null >
