Re: IP-Chains, etc.

To: Corey Popelier <pancreas@dingoblue.net.au>
Cc: debian-user@lists.debian.org
Subject: Re: IP-Chains, etc.
From: <ron@wep.tudelft.nl>
Date: Wed, 31 May 2000 03:51:54 +0200 (CEST)
Message-id: <[🔎] Pine.LNX.4.21.0005310349480.21116-100000@tank.rademaker.dhs.org>
In-reply-to: <[🔎] Pine.LNX.4.21.0005310751170.8263-100000@Pancreas>

Why are you using a proxy, just go to your win network option, to the
tcp/ip properties and set the gateway to the lin box, as well as the
dns...

Ron

By the way, did you try adding that masq ipchains rule?

On Wed, 31 May 2000, Corey Popelier wrote:

> Some additional information I can give, is that a ping from the Windows
> box behaves as follows:
> 
> (win) ping 203.24.100.1
> 
> (tcpdump from linux box)
> 
> 10.0.0.2 > dialup-gw.aceonline.com.au: icmp: echo request
> (above line times 4).
> 
> Now this would indicate to me that IP forwarding is occurring. But no
> reply is coming back (possibly due to ICMP Masq not compiled in kernel).
> 
> Now I have told the Win box to use a gateway of 10.0.0.1 (Lin box). If I
> set the proxy to use to in IE to 10.0.0.1, a tcpdump says:
> 
> 10.0.0.1.wwww > 10.0.0.2.1033    ...etcetc
> 10.0.0.2.1033 > 10.0.0.1.www     ...etcetc
> arp who-has 10.0.0.2 tell 10.0.0.1
> arp reply 10.0.0.2 is-at 0:a0:24:96:43:bc
> 
> What I am trying to establish is if whether I am missing kernel options,
> or whether I've just got a configuration problem.
> 
> Thanks Ron btw.
> 
> Cheers,
>  Corey Popelier
>  http://members.dingoblue.net.au/~pancreas
>  Work Email: copo@commerce.wa.gov.au
> 
> On Tue, 30 May 2000, Ron Rademaker wrote:
> 
> > I'm not a telepath, I can't see from here if you got the right things in
> > your kernel ;) But you ipchains misses something, the masquerading, you
> > should do:
> > 
> > ipchains -A forward -j MASQ -s <you lan network>/24 -d 0/0
> > 
> > I can tell you what you should have in your kernel: IP Masquerading, if
> > you want to masquerade ping, you should also have ICMP Masqerading.
> > 
> > Ron Rademaker
> > 
> > On Tue, 30 May 2000, Corey Popelier wrote:
> > 
> > > Ok I now have my Debian and Windows boxes networked, and I tried to set up
> > > IP Chains as follows:
> > > 
> > > ipchains -P forward DENY
> > > ipchains -A forward -i ppp0 -j ACCEPT
> > > 
> > > Now whenever I traceroute something from the Win box I get:
> > > 
> > > 1       1ms    <10ms    <10ms      (Linux box).
> > > 2        *       *        *
> > > 
> > > etc.
> > > Now I realise ICMP packets are handled by a different kernel option. Can I
> > > get this working without building a new kernel?
> > > 
> > > Secondly, I have set the Win box with a gateway of the Lin box, and web
> > > pages still won't load. Now I've heard this is the case if the IP Masq
> > > stuff wasn't included in the kernel (2.2.15pre19-1 btw, and Win98), and
> > > the only hint I've seen in HOWTO's is to check for a file:
> > > 
> > > /proc/net/ipfw_chains
> > > 
> > > I get a file listed when I ls -al this (its 0 bytes tho).
> > > 
> > > Now have I just simply missed kernel options and thus need to build a new
> > > one, and if so which, or what is going on that causes me to not be able to
> > > access the web from the Windows box, using the Linux box as the gateway?
> > > 
> > > 
> > > Cheers,
> > >  Corey Popelier
> > >  http://members.dingoblue.net.au/~pancreas
> > >  Work Email: copo@commerce.wa.gov.au
> > > 
> > > 
> > > -- 
> > > Unsubscribe?  mail -s unsubscribe debian-user-request@lists.debian.org < /dev/null
> > > 
> > 
>

Reply to:

Follow-Ups:
- Re: IP-Chains, etc.
  - From: Corey Popelier <pancreas@dingoblue.net.au>

References:
- Re: IP-Chains, etc.
  - From: Corey Popelier <pancreas@dingoblue.net.au>

Prev by Date: Re: IP-Chains, etc.
Next by Date: Re: IP-Chains, etc.
Previous by thread: Re: IP-Chains, etc.
Next by thread: Re: IP-Chains, etc.
Index(es):
- Date
- Thread