
ip masquerading



Hey all,
I have set up my Debian box as a firewall/router for my home network
(using firehol to actually make the firewall).  Everything seems to be
working just fine, except that the computers behind the firewall box
can only access some websites.  They can perform successful DNS lookups
on any site with a DNS record, but they can't ping (or load in a web
browser) a good chunk of them (notably, ebay.com, amazon.com,
nasa.gov).  Similarly, they can't SMTP to some servers.  When I
traceroute these servers from these computers, the route dead-ends
about one server before the website itself, on a server owned by the
organization/company.  For example, traceroute amazon.com times out on
a <stuff>.amazon.com.
I have no idea why it's doing this...I thought maybe it was https or
SSL sites, but wellsfargo.com works, as does barnesandnoble.com.  I
also had thought it was certain IP ranges that weren't working
properly.  This is also not the case; sites which can't be accessed
come from all over the IP spectrum.  It seems that the computers
behind the firewall are unable to ping or ssh into the Debian router.
The Debian box can do everything flawlessly.
The complete output of iptables -L is here: www.boxbattle.com/iptables.txt
A bit long...


Thanks in advance,
D. A.


