Re: firewall prerequisite

[Michael Wood <wood@kingsley.co.za>]

Hi

On Thu, Feb 08, 2001 at 12:05:30PM -0500, Casey W. Liscum wrote:
> I have a potential firewall box set up with 2 NICs (3c59x and
> tulip).  They are both loaded and appear in /proc/interrupts.
> I am able to ping outside but not the internal network.  Boxen
> inside also cannot see the firewall.  I know this is an easy
> question, but I swear I can't figure it out.  Both the

Here's a silly answer for your "easy" question :)

Have you tried using the "-n" option to ping to make sure it
doesn't do DNS lookups?  If you don't do that and it can't
resolve the IP addresses, it will seem not to do anything for
quite a while before printing the responses.

You can also try running "tcpdump -i eth1 -n" while pinging to
see if you're getting traffic, even if ping isn't printing it
yet...

[snip]
> iface eth1 inet static
> 	address 192.168.1.3
> 	netmask 255.255.255.0
> 	network 192.168.1.0
> 	broadcast 192.168.1.255
> #	gateway aaa.bbb.ccc.ddd
[snip]

This looks OK to me.  There should NOT be a gateway on eth1, but
you have it commented out anyway...

[snip]
> eth1      Link encap:Ethernet  HWaddr 00:10:5A:14:D7:11  
>           inet addr:192.168.1.3  Bcast:192.168.1.255 Mask:255.255.255.0
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:7 errors:1 dropped:0 overruns:0 frame:2
>           TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:100 
>           Interrupt:5 Base address:0xe400 
[snip]

This looks like the card is working.  OK, you got one receive
error, but you transmitted some packets and received some
packets.

Hope this helps.

-- 
Michael Wood        | Tel: +27 21 762 0276 | http://www.kingsley.co.za/
wood@kingsley.co.za | Fax: +27 21 761 9930 | Kingsley Technologies