On Tue, May 16, 2000 at 05:05:42PM +0200, Oswald Buddenhagen wrote:
> > I have a box that I want to do IP forwarding. But, I can't ping outside
> > hosts through it. The firewall sends packets from me, but it doesn't
> > re-forward the ICMP echo replies (although you can see them with iptraf in
> > promiscuous mode) back.
>
> just an idea to make it easier to spot the error:
> add ipchains rules, which do logging:
> ipchains -A {input|output|forward} -j ACCEPT -l
> look, what happens then.
I'll see about that.
> possibly your problem is a routing one. does pinging the hosts from the
> gateway work?
Yep. It works fine. Also, the pings are actually going out of the firewall
and coming back, but the firewall doesn't seem to see them to route them back.
In fact, I can only tell that the replies are coming back when I use iptraf
and put the card in promiscuous mode.
--
Please always Cc to me when replying to me on the lists.
"Real hackers mostly think crackers are lazy, irresponsible, and not very
bright, and object that being able to break security doesn't make you a
hacker any more than being able to hotwire cars makes you an automotive
engineer."
-- The Hacker HOWTO
Dwayne C. Litzenberger - dlitz@cheerful.com
See the mail headers for GPG/advertising/homepage information.
Attachment:
pgpeYf2hWhEyN.pgp
Description: PGP signature