Re: Ip_forward trouble

To: Thomas Cook <sysadmin@black-gear.com>, Debian Firewall <debian-firewall@lists.debian.org>
Subject: Re: Ip_forward trouble
From: "TOKI -- linux powa :\)" <mrlinux5@yahoo.fr>
Date: 06 Jan 2002 22:06:27 +0100
Message-id: <[🔎] 1010351189.2417.0.camel@kheops>
In-reply-to: <[🔎] B85DFFD4.11FF%sysadmin@black-gear.com>
References: <[🔎] B85DFFD4.11FF%sysadmin@black-gear.com>

I have a question :
By the hell why do you divide your network with such adresses ??
You want your task to be harder ?

If i m right, your actual config is :

lan 1 : 192.168.x.y
lan 2 : 10.0.y.z

There is not a goot solution.
Best is working with sub-networks.

I suggest :

lan 1 : 192.168.1.x (1 is exemple)
lan 2 : 192.168.2.x 

You will see that it will be easier for you.
However you can use ip tuneling but these solution isn t interesting in
your case.

Be sure that it will be easier to connect 2 lan with these config.
Good luck ;)

On Sun, 2002-01-06 at 20:21, Thomas Cook wrote:
> Greetings all.  I am trying to build a firewall, and I am running into a
> little trouble, hope you can help.
> 
> What for:
> This firewall is to divide a section of my LAN from there other computers.
> The external addresses are in the 192.168... Range, the internal will be in
> the 10.0... Range. 
> 
> What I have:
> Pentium base with 2 3c509's.  Most basic Potato install (no x, no dev, no
> nothing).
> 
> What's wrong:
> The problem I continue to encounter is that the firewall will not allow
> traffic to flow through.  Here are the steps I have taken.
> 
> After initial install, I set up the second NIC in /etc/network/interfaces by
> adding address, netmask, etc.  I then restarted the network
> (etc/init.d/networking restart), with no errors.  I then changed the
> ipforward flag in /etc/network/options from no to yes, restart network
> again.  To make sure it worked I checked (more
> /proc/sys/net/ipv4/ip_forward) with a return of 1.
> 
> At this point, the primary NIC is connected to external network, working
> (tested with ping), but a test box (win 2k, setup with firewall as gateway)
> on the 2nd internal NIC can not ping the firewall and can not be pinged by
> the firewall.
> 
> I tried flushing the ip_chains rules and making INPUT OUTPUT and FORWARD all
> ACCEPT and nothing else, no luck.
> 
> I tried installing ipmasq (which I want to use once things are working
> anyway) but also no luck.
> 
> Does anyone have any suggestions?
> 
> Thanks,
> -Tom
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org



_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

Reply to:

References:
- Ip_forward trouble
  - From: Thomas Cook <sysadmin@black-gear.com>

Prev by Date: Ip_forward trouble
Next by Date: Re: Ip_forward trouble
Previous by thread: Ip_forward trouble
Next by thread: Re: Ip_forward trouble
Index(es):
- Date
- Thread