Hi,

On Sun, 14 Jan 2007 20:27:11 +0100 "Daniel Pielmeier"
<[EMAIL PROTECTED]> wrote:

> I can connect from the router to the internet.
> I can log in from the router to the desktop per ssh and back.
> I have set up an rsync on the router and rsync works from the desktop.
> I have set up dnsmasq on the server and dns is working on the desktop.
> I can ping between router and desktop and from the router to the
> internet
> [...]
> I can't ping from the desktop to the internet.

OK, so forwarding is broken.

> route
> 
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref Use Iface
> dslb-088-067-01 *               255.255.255.255 UH    0      0    0  ppp0 
> localhost       *               255.255.255.0   U     0      0    0  eth0
> loopback        *               255.0.0.0       U     0      0    0  lo
> default         dslb-088-067-01 0.0.0.0         UG    0      0    0  ppp0

Looking at this, I wouldn't even expect it to work at all, since the
only route via eth0 is for "localhost". But since you can connect
between router and desktop, I think you borked your /etc/hosts.
"localhost" clearly doesn't seem to be assigned to 127.0.0.1. So fix
your hostnames!


This here:

> /etc/hosts
> 
> 127.0.0.1       localhost
> 192.168.0.1     gentoo-vdr.linux gentoo-vdr
> 192.168.0.2     gentoo.linux gentoo
> ::1             localhost

just can't be true if the routes above are the complete routes and you
can connect to your desktop from the router.

Another option besides /etc/hosts may be a seriously broken dnsmasq config.

> > For those who are not familiar with shorewall here are the
> > generated iptables on the router.
> 
> iptables -L -t filter
> 
> Chain FORWARD (policy DROP)
> target     prot opt source               destination

Empty FORWARD chain and policy DROP means everything not going to the
router itself is gonna be dropped.

Note that you gave yourself a hard time, since there's DROP and REJECT
(built-in targets) and you also reference "Drop", "drop", "Reject" and
"reject" targets. I never used shorewall, but if that naming is from
them, they are clearly freaks.

-hwh
-- 
gentoo-user@gentoo.org mailing list
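
Added example, not part of the original message: a check for the condition pointed out above, where a built-in chain has policy DROP and no rules at all, so nothing passes through it. The function names and the sample ruleset are constructed for illustration; only the FORWARD chain in the sample matches the output quoted in the thread.

```shell
#!/bin/sh
# Added example (hypothetical helper names, constructed sample data).

# empty_drop_chains: reads `iptables -L` text output on stdin and prints the
# name of every built-in chain that has policy DROP and zero rules.
empty_drop_chains() {
    awk '
        function report() {
            if (chain != "" && policy == "DROP" && rules == 0) print chain
        }
        /^Chain / {
            report()
            chain = $2; rules = 0; policy = ""
            # Built-in chains show "(policy X)"; user chains show "(N references)".
            if ($3 == "(policy") { policy = $4; sub(/\)$/, "", policy) }
            next
        }
        /^[ \t]*(num|pkts|target)[ \t]/ { next }   # column header line
        /^[ \t]*$/                      { next }   # blank separator
        chain != ""                     { rules++ } # anything else is a rule
        END { report() }
    '
}

# sample_ruleset: constructed `iptables -L -t filter` output for the demo.
sample_ruleset() {
    cat <<'EOF'
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

Chain FORWARD (policy DROP)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
EOF
}

# Demo run on the constructed sample.
sample_ruleset | empty_drop_chains
```

On a live router, pipe the output of `iptables -L -t filter` into `empty_drop_chains` instead of the sample.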
