Not able to get MASQ work on RedHat 7.1

Brad Chapman kakadu@adelphia.net
Wed, 08 Aug 2001 07:49:10 -0400 

Rohit Peyyeti wrote:

> I set chains: INPUT, FORWARD, OUTPUT to
> ACCEPT mode.
> 
> As I said before, I can ping my ISP's gateway
> from my local workstation. I am still not able
> to access internet (websites)
> 
> As of setting of priority to high, I set that
> for most of my outgoing mails. It is upto the
> receiver if he considers my mail important or
> not.
> 
> Thanks for the help anyway!
> 
> ....Rohit
> 
> ----- Original Message -----
> From: Nigel Morse <N.Morse@hyperknowledge.com>
> To: 'Rohit Peyyeti' <rohit@translogicsys.com>; <netfilter@lists.samba.org>
> Cc: Samuel Tran <stran@immostreet.com>
> Sent: Wednesday, August 08, 2001 4:42 PM
> Subject: RE: Not able to get MASQ work on RedHat 7.1
> 
> 
> 
>> Firstly - please send text only mails to mailing lists - you may get more
>> response.  Also don't set the urgency to high as most people would
> 
> probably
> 
>> consider their requests high.
>> 
>> Secondly if you have INPUT and FORWARD set to drop with no other rules
> 
> then
> 
>> you are not going to get anything working.  Set these to accept and then
> 
> the
> 
>> SNAT rule may work.
>> 
>> Cheers
>> Nigel
>> 
>> 
>> Rohit Peyyeti wrote:
>> Hello:Since past few days I have been trying to get MASQ withiptables
> 
> work.
> 
>> I have installed RedHat 7.1 on a systemwith 64 MB RAM with 1 GB Harddisk
> 
> and
> 
>> Pentium 100 MhzCPU. I tried setting up MASQ using IP Chains on RedHat
> 
> 7.0.It
> 
>> works perfectly fine. I then upgraded to RH7.1 andtried getting MASQ work
>> with iptables but without anyluck. I have a wireless broadband connection
>> with staticip address. I have two NICs, one facing internet andother
> 
> facing
> 
>> my local area network. eth0 is facingmy Local area network and eth1 is
>> facing the internet. Here is what my script file contains: ======# -
>> Enabling packet forwarding in the kernel
>> echo "1" > /proc/sys/net/ipv4/ip_forward# - Internal IP Address range
>> INT_NET="200.200.200.0/24" # - External IP Ad

Mr. Peyyeti,

	Aha! DNS problem! Can you ping the IP address of an external node WITHOUT 
using a domain name? If you can, then your DNS configuration is broken 
and must be fixed. If not, then your ISP has a major routing problem ;-)

Brad