Michael Whitman on Wed, 21 Jun 2000 09:05:07 -0400 (EDT)
I am setting up a firewall on a RH 6.0 system.
Our ISP has given us a subnet of xxx.xxx.xxx.64 - 128.
I am trying to split it up in two and put the lower half behind a firewall.
The firewall machine has eth0 set to xxx.xxx.xxx.69 and eth1 set at xxx.xxx.xxx.100.
The routing table is set up like this:
Destination      Gateway          Genmask          Flags Metric Ref Use Iface
xxx.xxx.xxx.69   *                255.255.255.255  UH    0      0   0   eth0
xxx.xxx.xxx.100  *                255.255.255.255  UH    0      0   0   eth1
xxx.xxx.xxx.96   *                255.255.255.224  U     0      0   0   eth1
xxx.xxx.xxx.64   *                255.255.255.224  U     0      0   0   eth0
127.0.0.0        *                255.0.0.0        U     0      0   0   lo
default          xxx.xxx.xxx.65   0.0.0.0          UG    0      0   0   eth0
Right now the machine behind the firewall, we'll call it 'Bob', has xxx.xxx.xxx.100 as its gateway and xxx.xxx.xxx.101 as its IP number.
Bob can ping both eth0 and eth1 on the firewall. However, it gets no response from machines outside the firewall.
We put a sniffer on an exterior machine and had Bob ping it. The packets are getting to this machine, but apparently Bob is not receiving a response.
The firewall can ping Bob, and the exterior world.
The exterior world can ping the firewall (both eth1 and eth0), but cannot ping Bob.
I have ipchains installed and the firewall stuff compiled into the kernel (I believe). All chains are set to ACCEPT.
IP forward is set to on.
So I am wondering why Bob can't get a response from outside the firewall, and why can't the exterior world ping Bob?
Michael P. Whitman Programmer LAW.com