Am Do, den 31.03.2005 schrieb Thiago Guzella um 1:19: > I am running FC3 x86_64 on a DSL-connected pc, which works great by > itself; I have another machine running windoze XP, and would like to > use the first pc as a gateway, so that windoze can have access to the > network. > > In the linux machine, with 2 ethernet devices, eth0-> connected to > windoze, eth1-> connected to the ADSL modem (under ppp0), eth0 is set > with ip address 192.168.1.1, netmask 255.255.255.0, and eth1 is set by > adsl-setup... The windoze pc has an ip address 192.168.1.2, netmask > 255.255.255.0, gateway 192.168.1.1 ( = the FC3 ip address). Given that you didn't accidentally mistyped there anywhere with the network mask i.e. > Using this setup, windoze can ping linux, but linux can't ping windoze > (no response). I even tried running ping with -I eth0 with no luck :( ping isn't that reliable swiss knife tool as many treat it for. Even the Windows® "personal firewall" (!sic) can be interfering when running in what some people call (attention: buzzword) "stealth mode". Often dead minded and a shoot in the own feet to silently drop all ICMP packets. > Well, i started doing the usual stuff in order to set the gateway under fedora: > 1) enabling ip_forwarding on /etc/sysctl.conf > 2) modprobing iptables_nat > 3) adding iptables masquerading rules to table nat (iptables -t nat -A > POSTROUTING -o ppp0 -j MASQUERADE) > > needless to say that windoze remains unconnected... what am I missing???? I could imagine you are missing the correct default route. What does "route -n" tell you? You shouldn't have set a GATEWAY neither in /etc/sysconfig/network-scripts/ifcfg-eth[0,1] nor in /etc/sysconfig/network. But /etc/sysconfig/network-scripts/ifcfg-ppp0 should contain a "DEFROUTE=yes" entry. Before testing the gateway functionality make sure the Fedora gateway itself can reach outside hosts, i.e. using "telnet www.google.com 80". If not possible, then you might have a DNS misconfiguration, using the wrong DNS servers. Check then /etc/resolv.conf. On the LAN clients make sure the DNS are set too correctly, either pointing to your ISP's DNS servers or your own if running a caching nameserver. Another problem can be the size of MTU and MSS, but this is more a problem with specific net targets and the size information should be given by your ISP if they differ much from usual (MTU 1492 for ppp device and MSS of 1452/1436). > Thiago dos Santos Guzella Alexander -- Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773 legal statement: http://www.uni-x.org/legal.html Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.10-1.771_FC2smp Serendipity 02:23:52 up 23:50, 18 users, 0.70, 0.53, 0.47
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
