On Thu, 2004-07-22 at 14:18, Gene Heskett wrote:
> Greetings all;
>
> I apologize if this is a duplicate post, but the first one has not come back
> in something like 20 minutes.
>
> Now I have a new problem that seems to be iptables or arp related.
>
> My network here consists of:
> dsl modem<->router<-eth0(firewall box(gene))<->iptables<->eth1(firewall box(gene))<->netgear switch port1
> netgear switch port 2<->main box(coyote)
> netgear switch port 3<->shop box(shop)
>
> I've just re-configured the 'main box' with the motherboard's LAN connection, an nforce2
> setup using the forcedeth driver. I was formerly running a D-Link RTL-8139too
> card in that box.
>
> I can ping anywhere on the local net, or ssh into all of it, but cannot even ping
> the router from gene, but I can ping gene from coyote or vice-versa in
> sub-millisecond timings..
>
> From shop, I can ping the world, from gene I can ping the world, but I cannot
> seem to get thru iptables from coyote, my main box. All ip addresses are as
> they were before the card switch.
>
> Nothing in the network configuration was changed here on gene, which is where
> I'm posting this from. The only thing changed on coyote is the bogus MAC address
> of the nforce network port since it's not hard coded into the chips, but is a BIOS entry.
>
> iptables hasn't changed here, but everything has been either power cycled or
> restarted except this box itself, which has a 72 day uptime ATM. I see no reason
> to do it since the shop box goes thru the same NAT and MASQUERADE in iptables
> as coyote should be using. In fact, the shop box is not being named in a
> PORTFORWARD rule but is getting thru anyway.
----
Don't know if you've solved this and not entirely sure which FC we are
talking about, but I would check for the wrong module being assigned to the
switched NIC in the following places...

/etc/modules.conf
/etc/modprobe.conf
/etc/sysconfig/network-scripts/ifcfg-ethX

I would remove the 'old' module ...

rmmod rtl8139too

or whatever it was and insmod the new module if known, or simply run kudzu
and then restart network service.

Craig
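The module check suggested in the reply above, as an added example that is not part of the original message: a shell function that lists `alias ethN <module>` lines still naming a driver other than the expected one. The function name `stale_aliases`, the default of `forcedeth`, and the assumption that the files use the `alias <interface> <module>` syntax are choices made for this example.

```shell
#!/bin/sh
# Added example (not from the original thread).
# Usage: stale_aliases EXPECTED_DRIVER FILE...
# Prints one line per "alias ethN <module>" entry whose module is not
# EXPECTED_DRIVER. Files that do not exist or cannot be read are skipped.
stale_aliases() {
    expected=$1
    shift
    for f in "$@"; do
        [ -r "$f" ] || continue
        awk -v want="$expected" -v file="$f" '
            # Assumed syntax: alias <interface> <module>
            $1 == "alias" && $2 ~ /^eth[0-9]+$/ && $3 != want {
                printf "%s:%d: %s -> %s (expected %s)\n", file, NR, $2, $3, want
            }' "$f"
    done
}

# Check the two module configuration files named in the reply.
# The expected driver defaults to forcedeth, the driver named in the
# original post; pass another module name as the first argument.
stale_aliases "${1:-forcedeth}" /etc/modules.conf /etc/modprobe.conf
```

No output means neither file contains an ethN alias for a different module.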