Hello!
I have a home network with three computers (A, B and C).
Computer A has a direct connection to internet by a cable-modem.
It has interfaces:
- eth0 to internet, uses DHCP
- eth1 to computer B, static IP-address: 192.168.0.2
Its operating system is Debian etch, with default
IPMASQ configuration. I added:
route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.0.1 eth1
to /etc/init.d/bootmisc.sh (first) and to /etc/init.d/ipmasq (then)
Computer B is connected to both A and C.
Its interfaces:
- rl0 to computer A, IP 192.168.0.1
- ural0 to computer B, IP 192.168.2.1
It runs FreeBSD 6.3, confirgured while install to be gateway.
Computer C is connected to B. Interface:
- ural0 to computer B, IP 192.168.2.2
It has FreeBSD 6.3 and OpenBSD 4.0.
=========================================================================
Present situation:
Ping from B to C 192.168.2.2 success.
Ping from C to B 192.168.2.1 success.
Ping from C to B 192.168.0.1 success.
Ping from B to A 192.168.0.2 success.
Ping from B to anywhere in internet success.
Ping from A to B 192.168.0.1 success.
Ping from C to A 192.168.0.2 failed (host is down).
Ping from A to B 192.168.2.1 failed:
[EMAIL PROTECTED]:~$ ping 192.168.2.1
PING 192.168.2.1 (192.168.2.1) 56(84) bytes of data.
ping: sendmsg: Operation not permitted
ping: sendmsg: Operation not permitted
Does anybody know a solution for that?
I read documents about IPmasq and IPtables, but understood not enough.
I tried examples in /usr/share/doc/ipmasq/basic but failed.
Many thanks for your time and help :-)
===================================================================
Jen plia informo:
[EMAIL PROTECTED]:~$ /sbin/route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.2.0 192.168.0.1 255.255.255.0 UG 0 0 0 eth1
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
85.152.88.0 0.0.0.0 255.255.252.0 U 0 0 0 eth0
0.0.0.0 85.152.88.254 0.0.0.0 UG 0 0 0 eth0
[EMAIL PROTECTED]:~# iptables -L INPUT
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT 0 -- anywhere anywhere
LOG 0 -- loopback/8 anywhere LOG level warning
DROP 0 -- loopback/8 anywhere
ACCEPT 0 -- anywhere 255.255.255.255
ACCEPT 0 -- 192.168.0.0/24 anywhere
ACCEPT !tcp -- anywhere BASE-ADDRESS.MCAST.NET/4
LOG 0 -- 192.168.0.0/24 anywhere LOG level warning
DROP 0 -- 192.168.0.0/24 anywhere
ACCEPT 0 -- anywhere 255.255.255.255
ACCEPT 0 -- anywhere cm-85-152-88-242.telecable.es
ACCEPT 0 -- anywhere 85.152.91.255
LOG 0 -- anywhere anywhere LOG level warning
DROP 0 -- anywhere anywhere
[EMAIL PROTECTED]:~# iptables -L OUTPUT
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT 0 -- anywhere anywhere
ACCEPT 0 -- anywhere 255.255.255.255
ACCEPT 0 -- anywhere 192.168.0.0/24
ACCEPT !tcp -- anywhere BASE-ADDRESS.MCAST.NET/4
LOG 0 -- anywhere 192.168.0.0/24 LOG level warning
DROP 0 -- anywhere 192.168.0.0/24
ACCEPT 0 -- anywhere 255.255.255.255
ACCEPT 0 -- cm-85-152-88-242.telecable.es anywhere
ACCEPT 0 -- 85.152.91.255 anywhere
LOG 0 -- anywhere anywhere LOG level warning
DROP 0 -- anywhere anywhere
[EMAIL PROTECTED]:~# iptables -L FORWARD
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT 0 -- 192.168.0.0/24 anywhere
ACCEPT 0 -- anywhere anywhere state
RELATED,ESTABLISHED
LOG 0 -- anywhere 19
____________________________________________________________________________
Carlos Enrique Carleos Artime FidoNet-poshto: 2:341/14.79
Dep-to de Statistiko kaj Plejbonigo, Retposhto: [EMAIL PROTECTED]
kaj Matematika Didaktiko Telefono: +34 985 181 904
Universitato Oviedo - Asturio Adreso: EUITIndus 33203 Hispanio
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
