ffirst of all, for the masquerading...I've had similar problems like this, I
think I've had about every problem imaginable with masquerading...
start out by connecting to the internet with the linux box. with both
machines booted:
1) ping the eth0(internal LAN) address of the linux box from the linux box
(this meant the net card is working)
2) ping your external IP(ppp0) address from the linux box (this means tcp/ip
is set up right on the linux box)
3) ping something outside your network (I like to use my ISP's name server)
from the linux box (this means everything is right with the ppp connection)
4) ping a hostname, ie. myisp.net, from the linux box (this means your
nameserver is set up right, which I don't think will affect masqing, but it
doesn't hurt to check)
5) ping the eth0(internal LAN) address of the mac from the mac (this means
the netcard in the mac works)
6) ping the eth0(internal LAN) address of the linux box from the mac (this
means the network cable is good, also noted by the green lights on the
netcards, if they have them, but I'm not sure the lights are really the best
indicator for this)
7) ping the mac's eth0(internal LAN) address from the linux box (while this
is similar to the step above, this makes sure both can talk to each other,
ie., the linux box isn't firewalling out the pings from the mac and vice
versa)
8) ping the linux boxes external (ppp0) IP address from the mac (this means
the forwarding and tcp/ip are set up correctly)
9) ping the IP address of your ISP's primary nameserver from the mac (the
result of this is twofold, if you can't get through to the DNS, we all know
what happens, but it also tests to make sure the linux box is forwarding the
info right)
10) ping the hostname of of your ISP, ie. "ping myisp.net" from the mac
(this means you've got the nameserver info set up right on the mac)
these 10 steps take about 5-10 minutes to run through, depending on how far
apart your computers are from each other...based on the results of each, you
can pinpoint the problem and usually have it fixed within another 5 minutes,
depending on how long it take the non-linux box to reboot (my wife's machine
is windows, so I spend the majority of my time waiting for it to reboot when
I've reassigned the nameservers)
one other thing of note, based on your second problem with the ppp
connection, if you're running /etc/rc.d/rc.firewall from /etc/rc.d/rc.local
and this is supposed to run after the modem connects, if it doesn't connect,
the script will still run, it will just throw out errors when you try to set
ipchains rules for ppp0 (since technically, ppp0 doesn't exist yet). A
better place to put this might be /etc/ppp/ip-up. Red Hat says not to modify
ip-up, rather to put the scripts you want to run on reconnect in
ip-up.local, however, I've had problems with it running ip-up.local, so I
just add /etc/rc.d/rc.firewall just before the exit in ip-up, haven't had
any problems with that. This is also good if you have a dynamic IP address,
since your firewall script (if it's anything like mine) needs to be
re-executed taking into account the new external IP. Otherwise, you'll end
up inadvertently firewalling out imporatnat things like your name server,
and even pings to your linux box's external interface from the linux box
itself.
however now that you've read all of this, I'll tell you that the main
problem would probably be the modem not connecting...if you've got your
firewall set to run after the modem connects on boot-up, then the firewall
script, or rather, ipchains, will give you errors when it can't find your
external interface. You might try running
"/etc/sysconfig/network-scripts/ifup ppp0" to skip past kppp, but in the
end, that still uses pppd, so if your problem lies in pppd, I'm not sure
what to say, other than, if you can scour the files to find that one line of
offending code, you might want to do that, but then again, you could save
yourself time by just reinstalling ppp, maybe someone else might have a
better suggestion.
Brian
> -----Original Message-----
> From: Lighthouse Keeper in the Desert Sun
> [mailto:[EMAIL PROTECTED]]
> Sent: Monday, January 24, 2000 4:05 PM
> To: [EMAIL PROTECTED]
> Subject: [techtalk] Really weird computer troubles
>
>
> Okay. So, as some of you may already know, my system was
> hacked a week or
> two before Christmas. So I backed up the important data
> (minus one dialup
> script, but that's a problem I'll get to shortly.) and put a
> tarball of it
> on Ben's Mac. I figured I'd deal with it when we got back
> from vacation,
> seeing as it was close to time for us to head out of state
> for 3 weeks.
> So I got back and wanted to set it up again. I'd already reinstalled
> (clean reinstall; reformat and everything. :P) RedHat 6. So
> I put the 2
> files I needed (rc.local and rc.firewall) on my computer from
> floppy. I
> rebooted, and the IP masquerading still didn't come up.
> Actually, it did
> come up fine. However, there is a noticable lack of
> communication from my
> computer to ben's. According to a friend, who kindly looked
> at all sorts
> of output data for me, everything looks like it's happy, on
> both ends. So
> where the problem lies is beyond me. More details can be
> furnished, if
> one so desires.
>
> Then there's the dialing problem. This problem lies within
> chat/pppd. I
> can't get the modem to initialize using pppd/chat. But kppp
> works fine.
> I used the kppp init string in the dialing script, and it doesn't do
> anything. Actually, it does. It starts the script, then hangs at
> initializing the modem. I used this script once, and it
> worked (mostly.
> That time it got confused waiting for the command line on the
> other end.)
> But it initialized the modem. Now it just sits there, hangin
> until I kill
> the process. And kppp uses the same string to initialize it, and it's
> fine.
>
> Any ideas? I think i'm going to go insane soon.
>
> Conni
>
> --
> I'm having some difficulty with the idea that an AI needs nookie.
> -Michael, User Friendly 6/01/99
>
> http://www2.one-eyed-alien.net/~ccovingt
>
> http://www.angelfire.com/anime/Galadriel
>
>
>
> ************
> [EMAIL PROTECTED] http://www.linuxchix.org
>
************
[EMAIL PROTECTED] http://www.linuxchix.org
