Matt Perry wrote:
On Sun, 1 Aug 2004, Jonathan Barnes wrote:my Debian Box. eg: The Firewall can ping my Debian Box, but my Debian Box can't ping the firewall.It's sounds like IP forwarding isn't working. Take down the interface that uses 10.1.1.1 and then try to ping the firewall. What happens? What is the output when you run "cat /proc/sys/net/ipv4/ip_forward" ?If you get a zero, execute "echo 1 >/proc/sys/net/ipv4/ip_forward" bring up the 10.1.1.1 interface and try things then. Let us know what happens.
Thanks for your reply,After taking down eth1(10.1.1.1) I was still unable to ping anything, and ip_forward was already on.
It's just so weird that it can reply to requests initiated by other machines (eg. people checking their mail from the outside) but it cant make any requests of its own. Sounds like a statefull firewall problem, but as I said, I've tried clearing all iptables rules. And it can't be the other firewall because none of the other workstations are affected and the problem still exists if I set the IP to be something other than 10.0.0.2.