>===== Original Message From [EMAIL PROTECTED] ===== > Subject: iptables modules kill ppp > Date: Sun, Jul 01, 2001 at 09:23:28PM -0500 > >Quoting Matthew Garman([EMAIL PROTECTED]): >> I posted not too long ago about PPP not working with my new kernel. The >> culprit turned out to be the iptables modules. When the following modules >> are loaded, PPP won't work: > >Please define, "PPP won't work".
I meant it won't work as in what I described in my previous email post to the list about PPP not working with a kernel upgrade. To recap: I can use pon to dial my ISP, I connect, and get an IP number assigned. /sbin/route shows that everything is setup as expected. However, with the iptables modules loaded, I cannot use any network programs. It is not possible to do DNS lookups. If I try to ping a host, using it's numerical IP addres, *as root*, I get the following error: "sendto: operation not permitted" >Can you use the net from the firewall? >Does the connection drop, or do you mean that systems behind the >firewall can't connect to the net? The connection does not drop. I meant to stress in my original post that these things happen *with no firewall*, or at least, no iptables rules. In other words, I flush all the rulesets, and set the default policy to all built-in chains to ACCEPT. So there is effectively no real firewall. But once I use rmmod to remove all the iptables-related modules, the PPP problem goes away. >If what you mean is the latter, have you enabled forwarding >(echo 1 > /proc/sys/net/ipv4/ip_forward)? >Did you include the rule to enable masquerading? >$IPTABLES -t nat -A POSTROUTING -o ppp0 -s $NETWORK -j MASQUERADE I'm not trying to use masquerading or NAT in my current setup. Do I still need to issue these commands? As a sidenote, the reason I was playing with my firewalls and new kernel upgrades is as follows: at school, I have a cablemodem which is shared through an internal LAN, using my computer as the gateway machine. I had everything setup using ipchains and kernel 2.2.18 last semester. When I go back to school in the fall, I want to have my iptables-based firewall ready to go. So all my firewall rules applied to eth0 and eth1... there were no iptables rules for ppp0. Thanks again, Matt <[EMAIL PROTECTED]>
