[NTLUG:Discuss] can't ping outside

Peter Smith peters at bakura.bitstreet.net
Mon Jun 19 16:10:59 CDT 2000 

You have already checked all your ipchains rules right?  At a minimum, be
sure that ipchains -L shows:

  Chain input (policy ACCEPT):
  Chain forward (policy ACCEPT):
  Chain output (policy ACCEPT):

If not, then that could be your problem.  Perhaps you are allowing
everything except ICMP replies?  Or perhaps you are disallowing sending
ICMP requests?

BTW, what does cat /proc/sys/net/ipv4/ip_forward give you?  I do hope it
returns "1".

Peter

On Mon, 19 Jun 2000, clyde swann wrote:

> i have the same issue and i have ip_forwarding compiled on in the kernel, as 
> well it is set on in /etc/sysctl.conf.  i've even tried sending the command 
> echo "1" > /proc/sys/net/ipv4/ip_forward from rc.local to no avail.  as 
> stated in this message other services are getting out.  if ip_forwarding was 
> not set then nothing would bridge over to the outside nic.  i'm starting to 
> thing a bug somewhere with all the combinations i've tried.  could there be 
> an issue with route?  i'm thinking about going with iproute to see if that 
> makes a difference.  i've have read of strange occurances happening with 
> route.  any comments on this please?
> 
> 
> >From: Peter Smith <peters at bakura.bitstreet.net>
> >Reply-To: discuss at ntlug.org
> >To: bobby at wrennest.com
> >CC: "discuss at ntlug.org" <discuss at ntlug.org>
> >Subject: Re: [NTLUG:Discuss] can't ping outside
> >Date: Wed, 7 Jun 2000 12:56:35 -0500 (CDT)
> >
> >Sounds to me like you need to turn on the kernel's IP_FORWARDing features
> >(they were most likely defaulted on you old box.)  You'll need to check
> >the current state of forwarding by issuing this command as root:
> >
> >cat /proc/sys/net/ipv4/ip_forward
> >
> >It it returns "0" then you know that is the problem.  For any data to get
> >from one NIC to the other NIC you _have_ to have ip_forward set to "1".
> >So you need to issue this next command as root:
> >
> >echo 1 >/proc/sys/net/ipv4/ip_forward
> >
> >There is most likely a place in your Redhat install's config where you
> >should permanently set this.  You'll probably want to look into
> >"linuxconf" to access the networking menus where linuxconf's scripts will
> >always set this kernel proc variable.
> >
> >Hope this helps,
> >Peter
> >
> >On Wed, 7 Jun 2000 bobby at wrennest.com wrote:
> >
> > > I just set up a new router for my dsl line. On the old router I can ping
> > > inside addresses (192.168.1.x) and the address of the nic connected to
> > > the dsl. I can also ping address out in the world. Other services work
> > > fine (lynx, ncftp, etc).
> > >
> > > On the new box configured with RH6.0 with both nic's enabled. I can do
> > > all of the above except ping addresses out in the world.
> > >
> > > Where do I turn icmp on and off or is it something else I am missing. I
> > > know I never did anything on the old box to make pings work they just
> > > always have.
> > >
> > > Thanks to all for any help
> > > Bobby
> > > --
> > > This tagline is identical to the one you are reading.
> > >
> > > _______________________________________________
> > > http://ntlug.org/mailman/listinfo/discuss
> > >
> >
> >
> >_______________________________________________
> >http://ntlug.org/mailman/listinfo/discuss
> 
> ________________________________________________________________________
> Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
> 
> 
> _______________________________________________
> http://ntlug.org/mailman/listinfo/discuss
>

More information about the Discuss mailing list