Re: Forwarding and masquerading got broken

Re: Forwarding and masquerading got broken

[Michael Gale]

Hello,

	Look the section"
--snip--
# --------( Sysctl Tuning - Recommended Parameters )--------

# Turn off IP forwarding by default
# (this will be enabled if you require masquerading)

if [ -e /proc/sys/net/ipv4/ip_forward ]; then
  echo 0 > /proc/sys/net/ipv4/ip_forward
fi
--snip--

The "echo 0" in the "/proc/sys/net/ipv4/ip_forward" is disabling ip_forwarding -- which is need to forward packets.

Change the "echo 0" to "echo 1"

:)

Michael.









On Tue, 02 Dec 2003 21:54:29 -0600
"Lawrence G. Hunsicker" <lhunsicker@mchsi.com> wrote:

> Hi, folks:
> 
> I have just used firestarter's wizard to allow access to my web server. 
>    This part of things worked correctly, but in the process my machine 
> has stopped forwarding and masquerading traffic from machines inside my 
> firewall to the outside world.  All of the interfaces themselves work 
> correctly.  I.e., from inside machines I can ping my server and from the 
> server I can see the outside world.  But I can't see the outside world 
> from the inside machines.  Is there someone out there that can tell me 
> what I have to do to get IP forwarding and masquerading working again?
> 
> I have attached a copy of my firewall.sh file.
> 
> Many thanks in advance for any help that you can give me.
> 
>   --
> Lawrence G. Hunsicker
> lhunsicker@mchsi.com
> 


-- 
Michael Gale
Network Administrator
Utilitran Corporation

Forwarding and masquerading got broken

[Lawrence G. Hunsicker]

[-- Attachment #1: Type: text/plain, Size: 746 bytes --]

Hi, folks:

I have just used firestarter's wizard to allow access to my web server. 
   This part of things worked correctly, but in the process my machine 
has stopped forwarding and masquerading traffic from machines inside my 
firewall to the outside world.  All of the interfaces themselves work 
correctly.  I.e., from inside machines I can ping my server and from the 
server I can see the outside world.  But I can't see the outside world 
from the inside machines.  Is there someone out there that can tell me 
what I have to do to get IP forwarding and masquerading working again?

I have attached a copy of my firewall.sh file.

Many thanks in advance for any help that you can give me.

  --
Lawrence G. Hunsicker
lhunsicker@mchsi.com

[-- Attachment #2: firewall.sh --]
[-- Type: application/x-sh, Size: 24614 bytes --]

Re: Forwarding and masquerading got broken

[Lawrence G. Hunsicker]

Michael Gale said:

Hello,

	Look the section"
--snip--
# --------( Sysctl Tuning - Recommended Parameters )--------

# Turn off IP forwarding by default
# (this will be enabled if you require masquerading)

if [ -e /proc/sys/net/ipv4/ip_forward ]; then
   echo 0 > /proc/sys/net/ipv4/ip_forward
fi
--snip--

The "echo 0" in the "/proc/sys/net/ipv4/ip_forward" is disabling 
ip_forwarding -- which is need to forward packets.

Change the "echo 0" to "echo 1"

Mike:

Thanks for the suggestion.  Note, though, that further down in the file 
there is a parallel section cating 1 to the same address to turn on 
kernel forwarding.  I have checked the actual setting after boot up by 
lessing the address, and it is indeed already set to one.  I'll check 
changing this line, but I suspect that this is not where my problem is.

Any other suggestions?


-- 
Lawrence G. Hunsicker
lhunsicker@mchsi.com