Re: Masquerade doesn't work

To: debian-firewall@lists.debian.org
Subject: Re: Masquerade doesn't work
From: "Marcos S. Trazzini" <mstrazzini@gmail.com>
Date: Wed, 12 Oct 2005 11:36:46 -0300
Message-id: <[🔎] 20051012143646.GB6044@mobilion>
In-reply-to: <[🔎] 20051010173047.96FA42DDD2@murphy.debian.org>
References: <20051010171521.5A6052DF38@murphy.debian.org> <[🔎] 20051010173047.96FA42DDD2@murphy.debian.org>

On Mon, Oct 10, 2005 at 07:30:46PM +0200, Dexter wrote:
> Hello,
> I've installed Debian Sarge (just basic system packages). I'm trying to
> setup Shorewall firewall on it. My problem is, that Masquerade is not
> working. That is:
> -I can ping from local system to firewall
> -I can ping from firewall to Internet
> -I can NOT ping from local system to Internet
> When I run:
> #tcpdump -i eth0 icmp 
> which will listen for icmp packed on my external interface. And I ping from
> local system to internet. 
> I can see outgoing echo request packages, BUT with source address of local
> system. So no reply can come back to me. Now it's clear, that problem is
> masquerading.
> I've set up also /etc/shorewall/masq:
> ----------
> eth0 eth1
> ---------
> What did I miss? I have no idea, what is wrong.

Do you have setup th "ip_forward" statement?

Try:

# sysctl -e net.ipv4.ip_forward=1

--
Marcos S. Trazzini

Reply to:

Follow-Ups:
- Re: Masquerade doesn't work
  - From: Paul Gear <paul@gear.dyndns.org>

References:
- Masquerade doesn't work
  - From: "Dexter" <dexter@madalbal.sk>

Prev by Date: Re: About network traficc
Next by Date: Re: Masquerade doesn't work
Previous by thread: Re: Masquerade doesn't work
Next by thread: Re: Masquerade doesn't work
Index(es):
- Date
- Thread