Hello
On Wed, Jan 23, 2008 at 10:13:42AM +0100, Carlos Enrique Carleos Artime wrote:
> Present situation:
[...]
> Ping from A to B 192.168.2.1 failed:
> knoppix@A:~$ ping 192.168.2.1
> PING 192.168.2.1 (192.168.2.1) 56(84) bytes of data.
> ping: sendmsg: Operation not permitted
> ping: sendmsg: Operation not permitted
From host A you said ping 192.168.0.1 is ok but 192.168.2.1 does not work.
Have you tried both pings with the user "knoppix" or just the second one?
$ ls -l /bin/ping
-rws--x--x 1 root root 34628 3. Jdn 13:54 /bin/ping
^ perhaps your "ping" is not suid-root or
the "nosuid"-Flag is set on the "/"-Partition?
[...]
Is the following Correct?
Host A (eth1) Host B (rl0) Host B (ural0) Host C (ural0)
192.168.0.2/24 <--> 192.168.0.1/24 + 192.168.2.1/24 <--> 192.168.2.2/24
Host A (192.168.0.2/24)
ping 192.168.0.1 ok
ping 192.168.2.1 not ok <-- see above.
ping 192.168.2.2 <-- what about that?
Host B (192.168.0.1/24, 192.168.2.1/24)
ping 192.168.2.2 ok
ping 192.168.0.2 ok
ping anywhere_in_internet ok
Host C (192.168.2.2/24)
ping 192.168.2.1 ok
ping 192.168.0.1 ok
ping 192.168.0.2 not ok
What's the routing-Configuration from Host B?
Does it any NAT or just routing?
If there is any NAT-Configuration on B, then remove it.
Is IP-forwarding enabled on Host B as well?
> Many thanks for your time and help :-)
>
> root@A:~# iptables -L FORWARD
> Chain FORWARD (policy DROP)
> target prot opt source destination
> ACCEPT 0 -- 192.168.0.0/24 anywhere
ACCEPT 0 -- 192.168.2.0/24 anywhere <-- that is missing!
[...]
best regards
Koppensteiner Mario
Attachment:
pgpSwiB6dsyvC.pgp
Description: PGP signature