Greetings all;

Now I have a new problem that seems to be iptables or arp related. My network here consists of:

dsl modem <-> router <-> eth0 (firewall box (gene)) <-> iptables <-> eth1 (firewall box (gene)) <-> netgear switch port 1
netgear switch port 2 <-> main box (coyote)
netgear switch port 3 <-> shop box (shop)

I've just re-configured the 'main box' with the motherboard's LAN connection, an nforce2 setup using the forcedeth driver. I was formerly running a D-Link RTL-8139too card in that box.

I can ping anywhere on the local net, or ssh into all of it, but cannot even ping the router from gene, but I can ping gene from coyote or vice-versa in sub-millisecond timings.

From shop, I can ping the world, from gene I can ping the world, but I cannot seem to get thru iptables from coyote, my main box. All ip addresses are as they were before the card switch. Nothing in the network configuration was changed here on gene, which is where I'm posting this from. The only thing changed on coyote is the bogus MAC address of the nforce network port since it's not hard coded into the chips, but is a bios entry.

iptables hasn't changed here, but everything has been either power cycled or restarted except this box itself, which has a 72 day uptime ATM. I see no reason to do it since the shop box goes thru the same NAT and MASQUERADE in iptables as coyote should be using. In fact, the shop box is not being named in a PORTFORWARD rule but is getting thru anyway.

What can I check next please?

--
Cheers, Gene
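Two checks a practitioner would run on the firewall box after a NIC (and therefore MAC) swap on a LAN host, written up as an added example that is not part of Gene's post: does the firewall's neighbour cache still hold a different MAC for the host's IP, and do any iptables rules match on a source MAC. The helpers work on pasted command output, so the IPs, MACs and rule lines below are constructed samples, not values from the thread.

```shell
#!/bin/sh
# Added example, not from the original post. Offline helpers for the situation
# described: a host's network card (and MAC) changed while the firewall box in
# front of it kept running. All addresses and rules below are constructed.

# stale_neigh NEIGH_TEXT IP NEW_MAC
# Succeeds (exit 0) when NEIGH_TEXT (output of `ip neigh show`) lists IP with
# a MAC other than NEW_MAC, i.e. the firewall still remembers the old card.
stale_neigh() {
    cached=$(printf '%s\n' "$1" | awk -v ip="$2" \
        '$1 == ip { for (i = 1; i <= NF; i++) if ($i == "lladdr") print tolower($(i+1)) }')
    [ -n "$cached" ] && [ "$cached" != "$(printf '%s' "$3" | tr 'A-Z' 'a-z')" ]
}

# mac_pinned_rules IPTABLES_SAVE_TEXT
# Prints every rule in an `iptables-save` dump that matches on a source MAC;
# such a rule silently stops matching once the card behind that IP changes.
mac_pinned_rules() {
    printf '%s\n' "$1" | grep -- '--mac-source'
}

# Constructed sample of what `ip neigh show dev eth1` on the firewall might print.
NEIGH='192.168.1.20 dev eth1 lladdr 00:11:22:33:44:55 REACHABLE
192.168.1.30 dev eth1 lladdr 00:aa:bb:cc:dd:ee STALE'

# Constructed fragment of an `iptables-save` dump with one MAC-pinned rule.
RULES='*filter
-A FORWARD -i eth1 -m mac --mac-source 00:11:22:33:44:55 -j ACCEPT
-A FORWARD -i eth1 -s 192.168.1.30 -j ACCEPT
COMMIT'

# Constructed: the MAC now configured in the BIOS for the replacement port.
NEW_MAC='00:11:22:33:44:66'

if stale_neigh "$NEIGH" 192.168.1.20 "$NEW_MAC"; then
    echo "neighbour cache still holds the old MAC for 192.168.1.20"
fi
echo "rules pinned to a source MAC:"
mac_pinned_rules "$RULES"
```

On a live box the same two helpers take `ip neigh show` and `iptables-save` output directly; a stale entry can be cleared with `ip neigh flush` for that address, and a MAC-pinned rule has to be updated to the new address.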