- is forwarding actually really enabled? Just "cat" the relevant /proc/sys/net/ipv4/ip_forward.
cat /proc/sys/net/ipv4/ip_forward returns 1
So remaining things to check would be - where do packets do what? Use "tcpdump" on the router to monitor how packets flow. Don't cite all the output, but look at where packets are coming and going. Two terminals with "tcpdump -i eth0" and "tcpdump -i ppp0" would tell you that. Send a few pings from the desktop to the internet. Also try pinging an IP from the desktop, not just hostnames (to rule out nameserver borkage).
Here is what tcdump returns! ping to www.google.de from desktop ping -c5 209.85.135.147 PING 209.85.135.147 (209.85.135.147) 56(84) bytes of data. --- 209.85.135.147 ping statistics --- 5 packets transmitted, 0 received, 100% packet loss, time 4000ms tcpdump -i ppp0 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on ppp0, link-type LINUX_SLL (Linux cooked), capture size 96 bytes 00:23:34.170023 IP dslb-088-065-173-238.pools.arcor-ip.net.32864 > dns1.arcor-ip.de.domain: 62186+ PTR? 147.135.85.209.in-addr.arpa. (45) 00:23:34.170885 IP dslb-088-065-173-238.pools.arcor-ip.net.32865 > dns1.arcor-ip.de.domain: 49362+ PTR? 11.2.253.145.in-addr.arpa. (43) 00:23:34.186127 IP dns1.arcor-ip.de.domain > dslb-088-065-173-238.pools.arcor-ip.net.32864: 62186 NXDomain 0/1/0 (105) 00:23:34.192706 IP dns1.arcor-ip.de.domain > dslb-088-065-173-238.pools.arcor-ip.net.32865: 49362 1/0/0 (73) 00:23:34.193083 IP dslb-088-065-173-238.pools.arcor-ip.net.32865 > dns1.arcor-ip.de.domain: 55934+ PTR? 238.173.65.88.in-addr.arpa. (44) 00:23:34.250939 IP dns1.arcor-ip.de.domain > dslb-088-065-173-238.pools.arcor-ip.net.32865: 55934 1/0/0 (97) 00:23:44.770408 IP cpc1-pnth1-0-0-cust807.cdif.cable.ntl.com.18730 > dslb-088-065-173-238.pools.arcor-ip.net.13040: UDP, length 98 00:23:44.770494 IP dslb-088-065-173-238.pools.arcor-ip.net > cpc1-pnth1-0-0-cust807.cdif.cable.ntl.com: ICMP dslb-088-065-173-238.pools.arcor-ip.net udp port 13040 unreachable, length 134 00:23:44.770752 IP dslb-088-065-173-238.pools.arcor-ip.net.32865 > dns1.arcor-ip.de.domain: 21398+ PTR? 40.23.6.82.in-addr.arpa. (41) 00:23:44.820873 IP dns1.arcor-ip.de.domain > dslb-088-065-173-238.pools.arcor-ip.net.32865: 21398 1/0/0 (96) 00:23:46.085482 IP 222.69.242.140.19774 > dslb-088-065-173-238.pools.arcor-ip.net.13040: UDP, length 98 00:23:46.085566 IP dslb-088-065-173-238.pools.arcor-ip.net > 222.69.242.140: ICMP dslb-088-065-173-238.pools.arcor-ip.net udp port 13040 unreachable, length 134 00:23:46.085811 IP dslb-088-065-173-238.pools.arcor-ip.net.32865 > dns1.arcor-ip.de.domain: 28846+ PTR? 140.242.69.222.in-addr.arpa. (45) 00:23:46.509496 IP dns1.arcor-ip.de.domain > dslb-088-065-173-238.pools.arcor-ip.net.32865: 28846 NXDomain 0/1/0 (105) 00:23:52.092567 IP 222.69.242.140.19774 > dslb-088-065-173-238.pools.arcor-ip.net.13040: UDP, length 98 00:23:52.092624 IP dslb-088-065-173-238.pools.arcor-ip.net > 222.69.242.140: ICMP dslb-088-065-173-238.pools.arcor-ip.net udp port 13040 unreachable, length 134 00:23:54.447053 IP dslb-084-057-191-176.pools.arcor-ip.net.3158 > dslb-088-065-173-238.pools.arcor-ip.net.epmap: S 2228649193:2228649193(0) win 53760 <mss 1412,nop,wscale 3,nop,nop,timestamp 0 0,nop,nop,sackOK> 00:23:54.447386 IP dslb-088-065-173-238.pools.arcor-ip.net.32865 > dns1.arcor-ip.de.domain: 55370+ PTR? 176.191.57.84.in-addr.arpa. (44) 00:23:54.463773 IP dns1.arcor-ip.de.domain > dslb-088-065-173-238.pools.arcor-ip.net.32865: 55370 1/0/0 (97) tcpdump -i eth0 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes 00:23:32.895513 IP gentoo-vdr.linux.net.54934 > gentoo.linux.net.ssh: P 2356170685:2356170733(48) ack 1373265494 win 1034 <nop,nop,timestamp 1888728 4586914> 00:23:32.895566 IP gentoo.linux.net.ssh > gentoo-vdr.linux.net.54934: P 1:49(48) ack 48 win 81 <nop,nop,timestamp 4721101 1888728> 00:23:32.895604 IP gentoo-vdr.linux.net.54934 > gentoo.linux.net.ssh: . ack 49 win 1034 <nop,nop,timestamp 1888728 4721101> 00:23:33.913406 IP gentoo-vdr.linux.net.36415 > gentoo.linux.net.ssh: P 220729975:220730023(48) ack 3542615936 win 5880 <nop,nop,timestamp 1888829 4706313> 00:23:33.913491 IP gentoo.linux.net.ssh > gentoo-vdr.linux.net.36415: P 1:65(64) ack 48 win 116 <nop,nop,timestamp 4721355 1888829> 00:23:33.913528 IP gentoo-vdr.linux.net.36415 > gentoo.linux.net.ssh: . ack 65 win 5880 <nop,nop,timestamp 1888829 4721355> 00:23:34.168115 IP gentoo-vdr.linux.net.36415 > gentoo.linux.net.ssh: P 48:96(48) ack 65 win 5880 <nop,nop,timestamp 1888855 4721355> 00:23:34.168191 IP gentoo.linux.net.ssh > gentoo-vdr.linux.net.36415: P 65:113(48) ack 96 win 116 <nop,nop,timestamp 4721419 1888855> 00:23:34.168229 IP gentoo-vdr.linux.net.36415 > gentoo.linux.net.ssh: . ack 113 win 5880 <nop,nop,timestamp 1888855 4721419> 00:23:34.168756 IP gentoo.linux.net.ssh > gentoo-vdr.linux.net.36415: P 113:209(96) ack 96 win 116 <nop,nop,timestamp 4721419 1888855> 00:23:34.168814 IP gentoo-vdr.linux.net.36415 > gentoo.linux.net.ssh: . ack 209 win 5880 <nop,nop,timestamp 1888855 4721419> 00:23:34.168771 IP gentoo.linux.net > 209.85.135.147: ICMP echo request, id 64284, seq 1, length 64 00:23:35.169420 IP gentoo.linux.net > 209.85.135.147: ICMP echo request, id 64284, seq 2, length 64 00:23:36.169461 IP gentoo.linux.net > 209.85.135.147: ICMP echo request, id 64284, seq 3, length 64 00:23:37.169504 IP gentoo.linux.net > 209.85.135.147: ICMP echo request, id 64284, seq 4, length 64 00:23:38.169550 IP gentoo.linux.net > 209.85.135.147: ICMP echo request, id 64284, seq 5, length 64 00:23:48.174063 IP gentoo.linux.net.ssh > gentoo-vdr.linux.net.36415: P 209:353(144) ack 96 win 116 <nop,nop,timestamp 4724920 1888855> 00:23:48.174138 IP gentoo-vdr.linux.net.36415 > gentoo.linux.net.ssh: . ack 353 win 5871 <nop,nop,timestamp 1890255 4724920> 00:23:48.174117 IP gentoo.linux.net.ssh > gentoo-vdr.linux.net.36415: P 353:417(64) ack 96 win 116 <nop,nop,timestamp 4724920 1888855> 00:23:48.174157 IP gentoo-vdr.linux.net.36415 > gentoo.linux.net.ssh: . ack 417 win 5867 <nop,nop,timestamp 1890255 4724920> 00:23:48.174170 IP gentoo.linux.net.ssh > gentoo-vdr.linux.net.36415: P 417:497(80) ack 96 win 116 <nop,nop,timestamp 4724920 1890255> 00:23:48.174182 IP gentoo-vdr.linux.net.36415 > gentoo.linux.net.ssh: . ack 497 win 5862 <nop,nop,timestamp 1890255 4724920> ping to www.google.de from router ping -c5 209.85.135.147 PING 209.85.135.147 (209.85.135.147) 56(84) bytes of data. 64 bytes from 209.85.135.147: icmp_seq=1 ttl=246 time=23.2 ms 64 bytes from 209.85.135.147: icmp_seq=2 ttl=246 time=24.4 ms 64 bytes from 209.85.135.147: icmp_seq=3 ttl=246 time=23.6 ms 64 bytes from 209.85.135.147: icmp_seq=4 ttl=246 time=24.6 ms 64 bytes from 209.85.135.147: icmp_seq=5 ttl=246 time=23.7 ms --- 209.85.135.147 ping statistics --- 5 packets transmitted, 5 received, 0% packet loss, time 4025ms rtt min/avg/max/mdev = 23.292/23.945/24.603/0.520 ms tcpdump -i eth0 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes 0 packets captured 0 packets received by filter 0 packets dropped by kernel tcpdump -i ppp0 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on ppp0, link-type LINUX_SLL (Linux cooked), capture size 96 bytes 00:26:45.035173 IP dslb-088-065-173-238.pools.arcor-ip.net > 209.85.135.147: ICMP echo request, id 4181, seq 1, length 64 00:26:45.036069 IP dslb-088-065-173-238.pools.arcor-ip.net.32865 > dns1.arcor-ip.de.domain: 53808+ PTR? 147.135.85.209.in-addr.arpa. (45) 00:26:45.056503 IP dns1.arcor-ip.de.domain > dslb-088-065-173-238.pools.arcor-ip.net.32865: 53808 NXDomain 0/1/0 (105) 00:26:45.056824 IP dslb-088-065-173-238.pools.arcor-ip.net.32865 > dns1.arcor-ip.de.domain: 37596+ PTR? 238.173.65.88.in-addr.arpa. (44) 00:26:45.058409 IP 209.85.135.147 > dslb-088-065-173-238.pools.arcor-ip.net: ICMP echo reply, id 4181, seq 1, length 64 00:26:45.074915 IP dns1.arcor-ip.de.domain > dslb-088-065-173-238.pools.arcor-ip.net.32865: 37596 1/0/0 (97) 00:26:45.125930 IP dslb-088-065-173-238.pools.arcor-ip.net.32865 > dns1.arcor-ip.de.domain: 10166+ PTR? 11.2.253.145.in-addr.arpa. (43) 00:26:45.140233 IP dns1.arcor-ip.de.domain > dslb-088-065-173-238.pools.arcor-ip.net.32865: 10166 1/0/0 (73) 00:26:46.040910 IP dslb-088-065-173-238.pools.arcor-ip.net > 209.85.135.147: ICMP echo request, id 4181, seq 2, length 64 00:26:46.065340 IP 209.85.135.147 > dslb-088-065-173-238.pools.arcor-ip.net: ICMP echo reply, id 4181, seq 2, length 64 00:26:47.050855 IP dslb-088-065-173-238.pools.arcor-ip.net > 209.85.135.147: ICMP echo request, id 4181, seq 3, length 64 00:26:47.074438 IP 209.85.135.147 > dslb-088-065-173-238.pools.arcor-ip.net: ICMP echo reply, id 4181, seq 3, length 64 00:26:48.050866 IP dslb-088-065-173-238.pools.arcor-ip.net > 209.85.135.147: ICMP echo request, id 4181, seq 4, length 64 00:26:48.075412 IP 209.85.135.147 > dslb-088-065-173-238.pools.arcor-ip.net: ICMP echo reply, id 4181, seq 4, length 64 00:26:49.060871 IP dslb-088-065-173-238.pools.arcor-ip.net > 209.85.135.147: ICMP echo request, id 4181, seq 5, length 64 00:26:49.084519 IP 209.85.135.147 > dslb-088-065-173-238.pools.arcor-ip.net: ICMP echo reply, id 4181, seq 5, length 64 16 packets captured 32 packets received by filter 0 packets dropped by kernel -- gentoo-user@gentoo.org mailing list
