On Thu, Jul 19, 2001 at 07:07:12PM -0500, Robert Matijasec wrote: > I am using Debian 2.2 (potato) with ipchains 1.3.9
Yep. Join the club. > I can ping other computers on my network when ipmasq is > disabled. But when it's on I get a operation not permitted > message when I try to ping another machine. So as someone > hinted before, this is probably something wrong with > my firewall rules. I do not understand you. Which machine run ipmasq? What are the source and destination of ping. > First of all do I need to recompile kernel to get masq > to work w/my version of Debian ? As far as you use default kernel, No. It works as is. > I followed config file for 2.2.x kernels in the masq > HOWTO, but I must not be doing something right. > in any case this is what ipchains -L gives me : > target prot opt source destination ports > ACCEPT udp ------ anywhere anywhere bootps -> bootpc ??? Does this allow reply from bootpc ->bootps ? Mine has both. ACCEPT udp ------ anywhere anywhere any -> bootpc ACCEPT udp ----l- myhost.domain.com anywhere bootpc -> any > Chain forward (policy DENY): > target prot opt source destination ports > MASQ all ------ 192.168.0.0/24 anywhere n/a > Chain output (policy DENY): > I am connecting to my provider with dhcpcd, and that > works as well when ipmasq is not engaged. Did you check examples in /usr/share/doc/ipmasq? > I noticed that some docs use 192.168.0.* for class C > networked machines while the masq pages use > 192.168.1.* for machines on the network, does this > matter at all ? Which ever works as long as you assign them consistently. check /etc/network/interfaces Osamu -- ~\^o^/~~~ ~\^.^/~~~ ~\^*^/~~~ ~\^_^/~~~ ~\^+^/~~~ ~\^:^/~~~ ~\^v^/~~~ + Osamu Aoki <[EMAIL PROTECTED]>, GnuPG-key: 1024D/D5DE453D + + My debian quick-reference, http://www.aokiconsulting.com/quick/ +
