[plug] Routing issue

Paul Dean paul at canningcollege.wa.edu.au
Tue Jul 10 10:11:25 WST 2001 

hya,

adding to...

At 10:02 AM 10/07/2001 +0800, you wrote:
>hya,
>
>At 08:52 AM 10/07/2001 +0800, you wrote:
>
>
>>I seem to be having a routing problem I think is in the way ipchains is set
>>the following is the our forward (DENY) policy.
>>Seems one of our networks that connects tot he RH7.1 server cannot receive
>>email nor ping the server.
>>
>>/sbin/ipchains -P input DENY
>
>have you got any input chains??
>your POLICY stats to DENY all input....
>
>>/sbin/ipchains -P forward DENY
>>/sbin/ipchains -P output ACCEPT
>>
>>echo 1 > /proc/sys/net/ipv4/ip_forward
>>
>>/sbin/ipchains -A forward -s $RMT_NET/24 -d $PRI_NET/8 -j ACCEPT
>>/sbin/ipchains -A forward -s $PRI_NET/24 -d $RMT_NET/24 -j ACCEPT

are these ^^^^^^^^^^^^^^^^^^^^ meant to be in your input policy???

>>/sbin/ipchains -A forward -s $RMT2_NET/24 -d 0.0.0.0/0 -j MASQ
>>/sbin/ipchains -A forward -s $PRI_NET/8 -d 0.0.0.0/0 -j MASQ
>>/sbin/ipchains -A forward -s $RMT_NET/24 -d 0.0.0.0/0 -j MASQ
>>/sbin/ipchains -A forward -s $RMT1_NET/24 -d 0.0.0.0/0 -j MASQ
>>/sbin/ipchains -A forward -s $RMT3_NET/24 -d 0.0.0.0/0 -j MASQ
>

i would suggest you do /sbin/ipchains -L to list your current chains,

also the "$VAR" how have you set them???
as this looks like it is from your rc.local file...


>>netstat -r
>>Destination     Gateway         Genmask         Flags   MSS Window  irtt 
>>Iface
>>gogo-01.iinet.n *               255.255.255.255 UH       40 0          0 ppp0
>>192.168.1.51    *               255.255.255.255 UH       40 0          0 ppp1
>>192.168.1.53    *               255.255.255.255 UH       40 0          0 ppp2
>>10.76.33.0      *               255.255.255.0   U        40 0          0 eth0
>>127.0.0.0       *               255.0.0.0       U        40 0          0 lo
>>default         gogo-01.iinet.n 0.0.0.0         UG       40 0          0 ppp0
>>
>>Jon L. Miller, MCNE
>>Director/Sr Systems Consultant
>>MMT Networks Pty Ltd
>>http://www.mmtnetworks.com.au
>>
>>"I don't know the key to success, but the key to failure
>>  is trying to please everybody." -Bill Cosby
>
>
>Regards
>
>Paul Dean
>IT Support Officer
>Canning College
>Computing Centre
>Ph: 9350 5430
>Mob: 0408 902 206
>paul at canningcollege.wa.edu.au
>
>


Regards

Paul Dean
IT Support Officer
Canning College
Computing Centre
Ph: 9350 5430
Mob: 0408 902 206
paul at canningcollege.wa.edu.au

More information about the plug mailing list