
Masqueraded net access problem



Hello,

Here's the description of my problem.

Workstations inside my LAN have masqueraded access to the net. Most of the addresses can be accessed without any problem, but some of them can't be reached, yet our gateway can access them without any problem. Our gateway is directly connected to our ISP and implements our firewall rules.

Gateway runs Potato 2.2 with kernel 2.2.19. My workstation runs Woody, but the same problems occur on Windows workstations.

Examples of such addresses are:
www.admission.com
www.futureshop.ca
http://205.158.109.140/XFree86_40/1.0-2313/ (NVidia's drivers)
 +-> I can reach http://205.158.109.140/XFree86_40/, but can't access subdirectory /1.0-2313 from inside the LAN. Weird, isn't it?

I would guess these are three symptoms of the same problem.
Does anyone have an idea what it might be?
The firewall script is listed at the end of this mail.

Thanks for the help!


Pat Mahoney, no 22


#! /bin/bash
#
echo 1 > /proc/sys/net/ipv4/ip_forward
## Flush everything, start from scratch
/sbin/ipchains -F input
/sbin/ipchains -F output
/sbin/ipchains -F forward
/sbin/ipchains -F my-chain
/sbin/ipchains -X my-chain

/sbin/depmod -a
/sbin/ipchains -A forward -s 192.168.1.0/24 -d 192.168.1.0/24 -j ACCEPT
/sbin/ipchains -A forward -s 192.168.1.0/24 -d 0.0.0.0/0 -j MASQ
/sbin/ipchains -A my-chain -p tcp -s 192.168.1.0/24 www -d 0.0.0.0/0 www -j ACCEPT


