
Home network router does not forward LAN traffic



Hello, experts!
My feeling is that I have a simple problem, which I cannot solve alone.
I would appreciate any help from the community.

I have a 3-computer network at home:
First Windows workstation: 192.168.1.2/16, gw 192.168.1.1
Second Windows workstation 192.168.2.2/16, gw 192.168.2.1
Linux server/NAT firewall/gateway running Debian Woody 3.0: 
   eth0: 10.0.0.150/24 connected to ADSL modem/router (10.0.0.138)
   eth1: 192.168.1.1/24 connected to the first workstation
   eth2: 192.168.2.1/24 connected to the second workstation

Gateway output of "netstat -rn":
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
10.0.0.0        0.0.0.0         255.255.255.0   U        40 0          0 eth0
192.168.2.0     0.0.0.0         255.255.255.0   U        40 0          0 eth2
192.168.1.0     0.0.0.0         255.255.255.0   U        40 0          0 eth1
0.0.0.0         10.0.0.138      0.0.0.0         UG       40 0          0 eth0

I am running an iptables firewall configured with the jay-firewall script.
Here is some output from the "iptables -L" command which is related to the
home LAN:

Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
JAY_LANIN  all  --  anywhere             anywhere
JAY_LANIN  all  --  anywhere             anywhere
JAY_INETIN  all  --  anywhere             anywhere
JAY_LDROP  all  --  anywhere             anywhere

Chain FORWARD (policy DROP)
target     prot opt source               destination
JAY_FWD_LAN_LAN  all  --  192.168.1.0/24       192.168.2.0/24
JAY_FWD_LAN_LAN  all  --  192.168.2.0/24       192.168.1.0/24
JAY_FWD_INET_LAN  all  --  anywhere             192.168.1.0/24
JAY_FWD_INET_LAN  all  --  anywhere             192.168.2.0/24
JAY_FWD_LAN_INET  all  --  192.168.1.0/24       anywhere
JAY_FWD_LAN_INET  all  --  192.168.2.0/24       anywhere
JAY_LDROP  all  --  anywhere             anywhere

Chain JAY_FWD_LAN_LAN (2 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

Now the PROBLEM:
My workstations cannot talk to each other!
Either of the two workstations can connect to the Internet, and I can ping
every network interface on the Linux server from any workstation, but when
I try to ping between them, there is no answer.
A traffic sniffer shows that there is no answer to ARP requests sent from
the workstations. The ARP table on the gateway includes ARP entries for
both workstations during that test.

The question:
What is wrong and where? Is my routing table wrong, or is the problem
in the iptables configuration?

Many thanks to everyone who will help.

Konstantin.
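
Added example, not part of the original post: a Python model of each workstation's on-link versus gateway decision, using the addresses and masks listed in the message. The function names and the /24 what-if are assumptions made for illustration.

```python
import ipaddress

# Addresses, masks and gateways exactly as listed in the post.
WORKSTATIONS = {
    "ws1": ("192.168.1.2/16", "192.168.1.1"),
    "ws2": ("192.168.2.2/16", "192.168.2.1"),
}
ROUTER_IFACES = {"eth1": "192.168.1.1/24", "eth2": "192.168.2.1/24"}


def next_hop(iface_cidr, gateway, dst):
    """Model a host's route lookup: a destination inside the host's own
    prefix is on-link (ARP for it directly); anything else uses the gateway."""
    network = ipaddress.ip_interface(iface_cidr).network
    if ipaddress.ip_address(dst) in network:
        return ("on-link", dst)
    return ("gateway", gateway)


def router_segment(addr):
    """Return the router interface whose connected /24 contains addr."""
    ip = ipaddress.ip_address(addr)
    for name, cidr in ROUTER_IFACES.items():
        if ip in ipaddress.ip_interface(cidr).network:
            return name
    return None


def check_pair(src, dst, prefixlen=None):
    """Report how src tries to reach dst. prefixlen overrides the host's
    mask as a what-if (hypothetical parameter, not from the post)."""
    cidr, gateway = WORKSTATIONS[src]
    src_ip = cidr.split("/")[0]
    dst_ip = WORKSTATIONS[dst][0].split("/")[0]
    if prefixlen is not None:
        cidr = f"{src_ip}/{prefixlen}"
    decision, arp_target = next_hop(cidr, gateway, dst_ip)
    # An ARP request stays on the sender's segment, so it is answered only
    # if the address being asked for is attached to that same segment.
    arp_resolves = router_segment(src_ip) == router_segment(arp_target)
    return {"src": src, "dst": dst_ip, "decision": decision,
            "arp_target": arp_target, "arp_resolves": arp_resolves}


if __name__ == "__main__":
    for prefix in (None, 24):
        for s, d in (("ws1", "ws2"), ("ws2", "ws1")):
            print(prefix or "as posted", check_pair(s, d, prefix))
```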
