Michael Whitman on Wed, 21 Jun 2000 09:05:07 -0400 (EDT)
Reposting this...

I am setting up a firewall on a RH 6.0 system. Our ISP has given us a subnet of xxx.xxx.xxx.64 - 128. I am trying to split it up in two and put the lower half behind a firewall. The firewall machine has eth0 set to xxx.xxx.xxx.69 and eth1 set at xxx.xxx.xxx.100.

The routing table is set up like this:

    Destination      Gateway          Genmask          Flags Metric Ref Use Iface
    xxx.xxx.xxx.69   *                255.255.255.255  UH    0      0   0   eth0
    xxx.xxx.xxx.100  *                255.255.255.255  UH    0      0   0   eth1
    xxx.xxx.xxx.96   *                255.255.255.224  U     0      0   0   eth1
    xxx.xxx.xxx.64   *                255.255.255.224  U     0      0   0   eth0
    127.0.0.0        *                255.0.0.0        U     0      0   0   lo
    default          xxx.xxx.xxx.65   0.0.0.0          UG    0      0   0   eth0

Right now the machine behind the firewall, we'll call it 'Bob', has xxx.xxx.xxx.100 as its gateway and xxx.xxx.xxx.101 is its IP number.

Bob can ping both eth0 and eth1 on the firewall. However, it gets no response from machines outside the firewall. We put a sniffer on an exterior machine and had Bob ping it. The packets are getting to this machine, but apparently Bob is not receiving a response.

The firewall can ping Bob, and the exterior world. The exterior world can ping the firewall (both eth1 and eth0), but cannot ping Bob.

I have ipchains installed and the firewall stuff compiled into the kernel (I believe). All chains are set to ACCEPT. IP forward is set to on.

So I am wondering why Bob can't get a response from outside the firewall, and why can't the exterior world ping Bob?

-Mike

Michael P. Whitman
Programmer
LAW.com
mailto:michaelw@palawnet.com