On Fri, 11 Sep 1998, Christopher Fury wrote:
> I'm trying to setup a local lan at my house with a firewall to allow > access to the outside world. I've followed the Firewall-FAQ and I > can't seem to see what I've done wrong... Maybe somebody can tell me. > I'm running Debian 2.0. > > I have the following network options set in my kernel: > > x x [*] Network firewalls > x x [ ] Network aliasing > x x [*] TCP/IP networking > x x [ ] IP: forwarding/gatewaying > x x [ ] IP: multicasting > x x [ ] IP: syn cookies You will need ip masquerading and forwarding > x x [*] IP: firewalling > x x [*] IP: firewall packet logging > x x [ ] IP: masquerading > x x [ ] IP: always defragment > x x [*] IP: accounting > x x [ ] IP: optimize as router not host > x x < > IP: tunneling > x x --- (it is safe to leave these untouched) > x x [ ] IP: PC/TCP compatibility mode > x x < > IP: Reverse ARP > x x [ ] IP: Disable Path MTU Discovery (normally enabled) > x x [*] IP: Drop source routed frames > x x [*] IP: Allow large windows (not recommended if <16Mb of memory) > > # ifconfig > lo Link encap:Local Loopback > inet addr:127.0.0.1 Bcast:127.255.255.255 Mask:255.0.0.0 > UP BROADCAST LOOPBACK RUNNING MTU:3584 Metric:1 > RX packets:129 errors:0 dropped:0 overruns:0 frame:0 > TX packets:129 errors:0 dropped:0 overruns:0 carrier:0 > Collisions:0 > > eth0 Link encap:Ethernet HWaddr 00:C0:DF:46:FE:61 > inet addr:198.82.204.103 Bcast:198.82.204.255 > Mask:255.255.255.0 > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > RX packets:17436 errors:0 dropped:0 overruns:0 frame:80 > TX packets:2911 errors:11 dropped:0 overruns:0 carrier:22 > Collisions:383 > Interrupt:5 Base address:0x300 > > eth1 Link encap:Ethernet HWaddr 00:C0:F0:35:46:F1 > inet addr:192.168.2.1 Bcast:192.168.2.255 Mask:255.255.255.0 > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > RX packets:71 errors:0 dropped:0 overruns:0 frame:0 > TX packets:153 errors:0 dropped:0 overruns:0 carrier:0 > Collisions:0 > Interrupt:4 Base address:0x240 > > # route -n > Kernel IP routing table > Destination Gateway Genmask Flags Metric Ref Use > Iface > 198.82.204.0 0.0.0.0 255.255.255.0 U 0 0 9 > eth0 > 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 8 > eth1 > 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 2 > lo > 0.0.0.0 198.82.204.1 0.0.0.0 > > when I try to ping something inside my network, the hub registers the > data... but none of the packets seem to get through to the other > machine. > Same thing happens when I ping from a machine inside my network to the > firewall. > > Do I have to set IP forwarding/gateway? I notice the NET-3 howto says > something about that, but the Firewall-HOWTO says to leave it off unless > you want IP-Filtering. I think I'm just going to be using SOCKS. > > > -- > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null > >
