[NTLUG:Discuss] can't ping outside

clyde swann swannc at hotmail.com
Mon Jun 19 16:44:16 CDT 2000 

cat command gives a "1" for IP_forward.  ipchains is as you stated, except 
my last line specifies ipchains -A input -p tcp -d any/0 80 REDIRECT 3180 
for transparent proxying.  any other suggestions?

thank for your reply!


>From: Peter Smith <peters at bakura.bitstreet.net>
>Reply-To: discuss at ntlug.org
>To: clyde swann <swannc at hotmail.com>
>CC: discuss at ntlug.org
>Subject: Re: [NTLUG:Discuss] can't ping outside
>Date: Mon, 19 Jun 2000 16:10:59 -0500 (CDT)
>
>You have already checked all your ipchains rules right?  At a minimum, be
>sure that ipchains -L shows:
>
>   Chain input (policy ACCEPT):
>   Chain forward (policy ACCEPT):
>   Chain output (policy ACCEPT):
>
>If not, then that could be your problem.  Perhaps you are allowing
>everything except ICMP replies?  Or perhaps you are disallowing sending
>ICMP requests?
>
>BTW, what does cat /proc/sys/net/ipv4/ip_forward give you?  I do hope it
>returns "1".
>
>Peter
>
>On Mon, 19 Jun 2000, clyde swann wrote:
>
> > i have the same issue and i have ip_forwarding compiled on in the 
>kernel, as
> > well it is set on in /etc/sysctl.conf.  i've even tried sending the 
>command
> > echo "1" > /proc/sys/net/ipv4/ip_forward from rc.local to no avail.  as
> > stated in this message other services are getting out.  if ip_forwarding 
>was
> > not set then nothing would bridge over to the outside nic.  i'm starting 
>to
> > thing a bug somewhere with all the combinations i've tried.  could there 
>be
> > an issue with route?  i'm thinking about going with iproute to see if 
>that
> > makes a difference.  i've have read of strange occurances happening with
> > route.  any comments on this please?
> >
> >
> > >From: Peter Smith <peters at bakura.bitstreet.net>
> > >Reply-To: discuss at ntlug.org
> > >To: bobby at wrennest.com
> > >CC: "discuss at ntlug.org" <discuss at ntlug.org>
> > >Subject: Re: [NTLUG:Discuss] can't ping outside
> > >Date: Wed, 7 Jun 2000 12:56:35 -0500 (CDT)
> > >
> > >Sounds to me like you need to turn on the kernel's IP_FORWARDing 
>features
> > >(they were most likely defaulted on you old box.)  You'll need to check
> > >the current state of forwarding by issuing this command as root:
> > >
> > >cat /proc/sys/net/ipv4/ip_forward
> > >
> > >It it returns "0" then you know that is the problem.  For any data to 
>get
> > >from one NIC to the other NIC you _have_ to have ip_forward set to "1".
> > >So you need to issue this next command as root:
> > >
> > >echo 1 >/proc/sys/net/ipv4/ip_forward
> > >
> > >There is most likely a place in your Redhat install's config where you
> > >should permanently set this.  You'll probably want to look into
> > >"linuxconf" to access the networking menus where linuxconf's scripts 
>will
> > >always set this kernel proc variable.
> > >
> > >Hope this helps,
> > >Peter
> > >
> > >On Wed, 7 Jun 2000 bobby at wrennest.com wrote:
> > >
> > > > I just set up a new router for my dsl line. On the old router I can 
>ping
> > > > inside addresses (192.168.1.x) and the address of the nic connected 
>to
> > > > the dsl. I can also ping address out in the world. Other services 
>work
> > > > fine (lynx, ncftp, etc).
> > > >
> > > > On the new box configured with RH6.0 with both nic's enabled. I can 
>do
> > > > all of the above except ping addresses out in the world.
> > > >
> > > > Where do I turn icmp on and off or is it something else I am 
>missing. I
> > > > know I never did anything on the old box to make pings work they 
>just
> > > > always have.
> > > >
> > > > Thanks to all for any help
> > > > Bobby
> > > > --
> > > > This tagline is identical to the one you are reading.
> > > >
> > > > _______________________________________________
> > > > http://ntlug.org/mailman/listinfo/discuss
> > > >
> > >
> > >
> > >_______________________________________________
> > >http://ntlug.org/mailman/listinfo/discuss
> >
> > ________________________________________________________________________
> > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
> >
> >
> > _______________________________________________
> > http://ntlug.org/mailman/listinfo/discuss
> >
>
>
>
>_______________________________________________
>http://ntlug.org/mailman/listinfo/discuss

________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com

More information about the Discuss mailing list