Kevin Coyner, 2002-Nov-07 22:15 -0500:
> Solved !!! Thanks much Jeff for helping out and getting me on the right
> path.
>
> It's as you suspected, the router didn't know about the 10.0.0.0 network
> so I had to have the proxy server sumida do NAT in order to convert from
> the 192.168.2.0 network
On Thu, Nov 07, 2002 at 09:00:07PM -0500, Kevin Coyner wrote..
>
> > Oh! Oh! Oh! The router doesn't know about the 10.0.0.0 network. It
> > needs a static route to 192.168.2.150 to reach the 10.0.0.0/24
> > network. That's why! The traffic leaves fine, the router doesn't
> > know where t
On Thu, Nov 07, 2002 at 05:33:19PM -0800, Jeff wrote..
> Kevin Coyner, 2002-Nov-07 16:55 -0500:
> >
> > On Thu, Nov 07, 2002 at 12:20:52PM -0800, Jeff wrote..
> > > >
> > > > sumida:/etc/init.d# cat /proc/net/ip_conntrack
> > > >
> > > > udp 17 9 src=10.10.10.156 dst=192.168.2.254 sp
Kevin Coyner, 2002-Nov-07 16:55 -0500:
>
> On Thu, Nov 07, 2002 at 12:20:52PM -0800, Jeff wrote..
> > >
> > > sumida:/etc/init.d# cat /proc/net/ip_conntrack
> > >
> > > udp 17 9 src=10.10.10.156 dst=192.168.2.254 sport=1059 dport=53
> > > [UNREPLIED] src=192.168.2.254 dst=192.168.2.254 spor
On Thu, Nov 07, 2002 at 12:20:52PM -0800, Jeff wrote..
> >
> > sumida:/etc/init.d# cat /proc/net/ip_conntrack
> >
> > udp 17 9 src=10.10.10.156 dst=192.168.2.254 sport=1059 dport=53
> > [UNREPLIED] src=192.168.2.254 dst=192.168.2.254 sport=53 dport=1059
> > use=1
> > udp 17 17 src=10.10.10
Kevin Coyner, 2002-Nov-07 14:14 -0500:
>
> On Thu, Nov 07, 2002 at 12:03:24PM -0200, Christoph Simon wrote..
>
> > I didn't read the start of the thread, but from what I'm seeing here,
> > you are missing some masquerading or source nat. First make sure, the
> > default policy of all enabled
On Thu, Nov 07, 2002 at 12:03:24PM -0200, Christoph Simon wrote..
> I didn't read the start of the thread, but from what I'm seeing here,
> you are missing some masquerading or source nat. First make sure, the
> default policy of all enabled iptables is ACCEPT and not DROP (most
> probably,
On Thu, Nov 07, 2002 at 12:03:24PM -0200, Christoph Simon wrote..
>
> I didn't read the start of the thread, but from what I'm seeing here,
> you are missing some masquerading or source nat. First make sure, the
> default policy of all enabled iptables is ACCEPT and not DROP (most
> probably,
On Thu, 7 Nov 2002 08:46:44 -0500
Kevin Coyner <[EMAIL PROTECTED]> wrote:
> No, that's not it. The client default GW is set to 10.0.0.254, and the
> client can ping 10.0.0.254. Similary, sumida the proxy server can ping
> the client and can ping the outside world. The only ping that isn't
> wor
On Wed, Nov 06, 2002 at 10:28:09PM -0800, Jeff wrote..
> Kevin Coyner, 2002-Nov-06 23:50 -0500:
>
> >
> > In addition to these entries, I've changed /etc/network/options
> > ip_forward=yes, and manually executed "echo 1 >
> > /proc/sys/net/ipv4/ip_forward". I haven't done anything with ipta
Kevin Coyner, 2002-Nov-06 23:50 -0500:
>
> It seems conceptually correct to me, yet I continue to wonder whether
> eth1 needs a gateway entry. I guess not though, because when I try to
> add one, it doesn't take.
>
> In addition to these entries, I've changed /etc/network/options
> ip_forward=y
I'm setting up a box in my LAN to act as a transparent Squid proxy
server with squidGuard to filter out porn and other things that the kids
might stumble into.
The box will sit between the router and the clients - like this:
World
|
|
Router w/ builtin FW (local assigned ip 1
12 matches
Mail list logo
