[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] problem with routing



Hi Payam,

ok, if the dns works from the router, than you have a routing problem.
try tcpdump -i eth1 to look what packages are leaving and icoming on your
"world device". You get this information by invoking the command above
and trying "nslookup www.suse.com" from a client.

Greets

robert

payam payami schrieb:

Hi Robert,

I have win2k for router in our network now and is
working well, so , i want to replace it with suse 7.3
I set an dns IP in control center (host name and name
server) in Xwindow & set this IP for dns in
clients(windows machine) Router can see internet but clients (internal network)
that their OS is win2k can't see internet.
Also router (suse 7.3) can ping clients IP but clients
only can ping eth0(internal network) for router &
can't ping eth1(external network) for router
when i do this command in client machine :
nslookup suse.com
i get thie error:
can't find servername for address ( the Ip that i set
for dns that above told you ) :time out
default servers arenot availabe
		'
		'
		'
		'
		'
What can i do?

Thanks for your help,
Payam

--- Robert Rottscholl <lv426@xxxxxxx> wrote:
 Hi Payam,

what about your dns server? You have one? Or do you
add an external dns to your client configuration.
What does nslookup or dig on a client say? (e.g.
nslookup www.suse.com)
If these programs can recieve an IP-Adress try to
ping.

Ciao ;-)

Robert

payam payami schrieb:

Hi Robert,
I did what did you tell me, FW_route &
FW_MASQUERADE &
etc, without set the iptables rule but
UNFORTUNATELY i
can't get result.
What can i do?

Thanks for your help,
Payam

--- Robert Rottscholl <lv426@xxxxxxx> wrote:


Hi Payam,
let me repeat what you try to do: You want to
route
the internet requests from the internal (eth0) interface to
the
external interface (eth1).
You needn't set the rule you posted.
Set
FW_ROUTE="yes"
FW_MASQUERADE="yes"
FW_MASQ_DEV="eth1"
FW_MASQ_NETS="" # to your internal subnet (e.g.
192.168.0.0/24)

Creets

robert

payam payami schrieb:

I want to use suse 7.3 for router & i want to do
masquerading.
I have 2 net card that one is for internal
network
&
another is for external network.
eth0 for internal network
eth1 for external network
I was setting in
/etc/rc.config.d/firewall2.rc.config
(The options that related to masquerading) and
type
this command in command line

iptables -t nat -A POSTROUTING -j MASQUERADE -o
eth1
Is this any problem with this rule or in my
configuration file?
Because only router system can see internet and
another systems can't see internet
How can i solve this problem that another systems
(internal network) can see internet?

Thanks for your help,
Payam

__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up
now.
http://mailplus.yahoo.com



--
Check the headers for your unsubscription address
For additional commands, e-mail:
suse-security-help@xxxxxxxx
Security-related bug reports go to
security@xxxxxxx,
not here

__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up
now.
http://mailplus.yahoo.com





--
Check the headers for your unsubscription address
For additional commands, e-mail:
suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx,
not here


__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com





--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here