Hello first of all!

Jeff Katcher ([EMAIL PROTECTED]):
> Rainer Clasen wrote:
> >
> > Hi!
> >
> > This may be offtopic - it's not debian-specific. But I'm not sure where to
> > ask at all (linux-net is announced as "development" list ...). I appreciate
> > pointers to the correct forum.
> >
> > Ok, first some ASCII-art to confuse the reader ;-)
> >
> >                                    10base2
> >                                       |
> >                                       V
> >                  NET_A
> >   |--------------------------------------------- .... ---|
> >   |                           |                          |
> >   |          NET_B            |                          |
> > BOX_A ----------------------- BOX_B                    BOX_C
> >   |
> >   |NET_C          ^
> >   |               |
> >   | <-- 100baseTX crosslink
> >   |
> > BOX_D
> >
> > As you can see BOX_A is my 100mbit router running 2.1.125. BOX_B is 2.0.35
> > with masquerading stuff turned on. BOX_B has a route to NET_C via BOX_A's IP
> > in NET_B. BOX_C's default route points to BOX_B.
> >
> > But: BOX_D can't connect/ping whatever to any IP on NET_A!! I traced a ping
> > to BOX_C by adding logged ACCEPT rules to BOX_A's and BOX_B's firewall: Ping
> > gets in to BOX_A, BOX_A sends it out to NET_A, BOX_C replies, BOX_B gets it,
> > and sends it out through NET_B - BUT BOX_A doesn't see it.
> >
> > If I telnet from BOX_D to BOX_B, I get those <unknown> syslog entries known
> > from half-port scanning.
> >
> > Rainer
>
> Have you set up Firewalling through ipfwadm for BOX_B (or is it packet
> forwarding)?

No.

Rainer

--
KeyID=58341901 fingerprint=A5 57 04 B3 69 88 A1 FB 78 1D B5 64 E0 BF 72 EB