l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
October 20: Web Application Hacking: How to Make and Break Security on the Web
Next Installfest:
TBD
Latest News:
Oct. 10: LUGOD Installfests coming again soon
Page last updated:
2001 Dec 30 17:08

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Linux as gateway
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Linux as gateway



jimmy,

you can get some clues about where the packets are going.

1. from your 'gateway' type: tcpdump -i eth(outside)
2. from your internal machine, type ping (outside whatever)

see if the ping packets are leaving your livingroom network.  also, try:

1. from your 'gateway' type: tcpdump -i eth(inside)
2. from your internal machine, type ping (outside whatever)

see if the gateway is receiving packets from the local machine.  also, try:

1. from infernal machine, type:  tcpdump -i eth0
2. from infernal machine, type:  ping (outside whatever)

now you should know exactly where packets are going and where they're not
going.

i've never played with iptables before; i still use ipchains.  actually, i'm
waiting for jeff to teach me iptables.  ;)

also, is this gateway simply providing masquerading or is it actually
filtering?

pete


begin: Terminator <jimmyzhou@bigfoot.com> quote
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> hi,
> 
> I'm trying to let a Redhat 7.1 act as a gateway, following steps are
> what I did on the gateway machine:
> 1. echo 1 > /proc/sys/net/ipv4/ip_forward
> 2. ensure iptables's all default policies to be ACCEPT, such as FORWARD,
> INPUT, OUTPUT, POSTROUTING...
> 
> Then in the internal machines, I set the default gateway to be the
> internal ip address of the gateway.
> 
> >From the internal machines, I can ping the internal ip address of the
> gateway, and the external ip address of the gateway. But when I tried
> to ping some other external ip address, it always failed without any
> response.
> 
> Anybody can figure out if I did something wrong? Thanks a lot!
> 
> Jimmy
> ____________________________________________________________
> Jingmin (Jimmy) Zhou
> E-mail : jimmyzhou@bigfoot.com         ICQ : 19587415
> 
> The future is not set.  There is no fate but what we make
> for ourselves.             - Terminator II, Judgement Day
> ____________________________________________________________
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.6 (GNU/Linux)
> Comment: For info see http://www.gnupg.org
> 
> iEYEARECAAYFAjuKsUwACgkQZ1kuLJJ1tnLyUQCghcPiBKx8jFhJCE2zpA7uT9mm
> 5nEAn3TkgUmuCcE4hwyWyvIvS/YhXr8S
> =SAO2
> -----END PGP SIGNATURE-----
> 

-- 
"The following addresses had permanent fatal errors..."      p@dirac.org
                               -- Mailer Daemon              www.dirac.org/p


LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!