l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
September 2: Social gathering
Next Installfest:
TBD
Latest News:
Aug. 18: Discounts to "Velocity" in NY; come to tonight's "Photography" talk
Page last updated:
2001 Dec 30 17:08

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Linux as gateway
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Linux as gateway



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Thanks for the hint. I run tcpdump -i eth(outside) src internal-
machine-ip, and ping external ip address of gateway, tcpdump
capture nothing. but if I ping other external ip address, tcpdump
capture icmp echo packages. So what's the possible problem here?

Also, if I run tcpdump -i eth(inside) ip proto \\icmp, and ping
from internal machine to internal ip, external ip of gateway,
tcpdump capture both packages. If I ping other external ip address,
tcpdump capture the icmp echo from internal machine to external
machine, but no reply.

Actually I'm trying to do some Masquerade things, but whatever
sample scripts I tried, I always could not ping outside net from
internal net. So I decide to do the simplest at first - no masquerade,
but gateway. However, it still does not work. :-((((

Thanks,
Jimmy

On Mon, 27 Aug 2001, Peter Jay Salzman wrote:

> jimmy,
>
> you can get some clues about where the packets are going.
>
> 1. from your 'gateway' type: tcpdump -i eth(outside)
> 2. from your internal machine, type ping (outside whatever)
>
> see if the ping packets are leaving your livingroom network.  also, try:
>
> 1. from your 'gateway' type: tcpdump -i eth(inside)
> 2. from your internal machine, type ping (outside whatever)
>
> see if the gateway is receiving packets from the local machine.  also, try:
>
> 1. from infernal machine, type:  tcpdump -i eth0
> 2. from infernal machine, type:  ping (outside whatever)
>
> now you should know exactly where packets are going and where they're not
> going.
>
> i've never played with iptables before; i still use ipchains.  actually, i'm
> waiting for jeff to teach me iptables.  ;)
>
> also, is this gateway simply providing masquerading or is it actually
> filtering?
>
> pete
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (IRIX)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAjuKzB4ACgkQZ1kuLJJ1tnLe8gCdHrqG4hhki5aTGwvT5G1AGsZ+
GzwAnRopUOQG6o3wUWtDAx6zx16lZ9ic
=ESrv
-----END PGP SIGNATURE-----


LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
EDGE Tech Corp.
For donating some give-aways for our meetings.