At 15:58 25.03.98 GMT, Rod Gotty wrote:
What are your ipfwadm setings?
You can use:
ipfwadm -F -p deny
ipfwadm -F -a m -S 192.168.1.0/24 -D 0.0.0.0/0 -W ppp0
>Hi:
>
>I'm trying without success to get IP masquerading to work. It seems
>that pings are going from one box on the LAN to the IP Masq Gateway
>but not out the IP Masq Gateway through the PPP connection to the
>Internet.
>
>Here's my setup:
>
> Computer #1: (Acts as the IP Masq Gateway)
> Running Linux 2.0.33 (RedHat-5.0) compiled with:
> CONFIG_EXPERIMENTAL=y
> CONFIG_MODULES=y
> CONFIG_NET=y
> CONFIG_FIREWALL=y
> CONFIG_INET=y
> CONFIG_IP_FORWARD=y
> CONFIG_IP_FIREWALL=y
> CONFIG_IP_MASQUERADE=y
> CONFIG_IP_MASQUERADE_ICMP=y
> CONFIG_IP_MASQUERADE_IPAUTOFW=y
> CONFIG_IP_ALWAYS_DEFRAG=y
> CONFIG_DUMMY=m
> One ethernet interface:
> IP Address = 192.168.1.1
> Network Mask = 255.255.255.0
> One dialup PPP connection with ISP
> The following modules are loaded:
> ip_masq_irc
> ip_masq_raudio
> ip_masq_ftp
>
> Computer #2: (Acts as a regular host on the LAN)
> Running Windows NT 4.0 Server
> One ethernet interface:
> IP Address: 192.168.1.2
> Network Mask: 255.255.255.0
> Default Gateway: 192.168.1.1
>
>Here is what I *can* do:
>
> Both the Linux and NT machines can ping each other, transfer files,
> etc. on the LAN without any problem.
>
> The Linux machine can ping other machines out over the Internet via
> the PPP connection without any problem.
>
>Here is what I can *not* do:
>
> The NT machine can't ping anything over the Internet. I even try
> pinging the IP address of the other end of the PPP link (the one at
> the ISP) and it doesn't work. I'm not using domain names but rather
> using IP addresses directly and it still doesn't work.
>
> On the Linux machine, I've setup two additional console windows, one
> running 'tcpdump -i eth0 -n' and the other running 'tcpdump -i ppp0
> -n'. When I ping an IP address over the Internet from the Linux
> machine, I see traffic going out the ppp0 interface, via tcpdump and
> the pings work. When I ping an IP address over the Internet from
> the NT machine, I see the ICPM echo request on the eth0 interface of
> the Linux machine but I do not see any traffic over the ppp0
> interface of the Linux machine. The NT machine reports "Request
> timed out".
>
> It appears to me that the Linux machine is not forwarding the
> packets from the NT machine out the ppp0 interface. I read in one
> of the IP Masq Web pages that I need to do 'echo "1" >
> /proc/sys/net/ipv4/ip_forward' and I indeed did that and then
> confirmed it by cat'ing ip_forward which had just the digit '1'.
>
>How can I monitor when and whether an IP packet is being forwarded?
>
>How can I tell whether IP forwarding is enabled? Do I inspect
>/proc/sys/net/ipv4/ip_forward to see if it contains the digit '1'?
>
>Why isn't my IP Masquerading working?
>
>Any help would be appreciated in solving this.
>
>Thanks
>-Rod
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
>For daily digest info, email [EMAIL PROTECTED]
>
----
Lars Erik Svendsen <[EMAIL PROTECTED]>
Moesarc Technology A/S http://www.moesarc.no
Phone: +47 22 51 69 72, fax +47 22 52 37 11
HomePage: http://www.moesarc.no/~lars
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]
