It looks to me like you're iptables haven't been setup to NAT.  I have 
attached the output of 'iptables -nvL' on my NATing gateway.  Just for 
the heck of it I obscured my public address too.  I used a slightly 
modified version of the rc.firewall-stronger startup script from the 
IP-Masquerade HOWTO (IP-Masquerade is the same thing as NAT).  Links:

The IP-Masquerade HOWTO:
<http://www.tldp.org/HOWTO/IP-Masquerade-HOWTO/index.html>

The exampe startup scripts from the HOWTO.
<http://www.ecst.csuchico.edu/~dranch/LINUX/ipmasq/examples/>

Good luck,
Conway S. Smith


Chadha, Devesh wrote:
> Here are all the answers:
> 
> Chuck's questions:
> My IP address is a public IP.
> I think I am not NATing correctly and hence this problem.
> ping -c 4 192.168.1.1 gives:
> 64 bytes from 192.168.1.1 icmp_seq=1 ttl=64 time=0.237 ms
> 64 bytes from 192.168.1.1 icmp_seq=2 ttl=64 time=0.152 ms
> 64 bytes from 192.168.1.1 icmp_seq=3 ttl=64 time=0.150 ms
> 64 bytes from 192.168.1.1 icmp_seq=4 ttl=64 time=0.152 ms
> 
> --- 192.168.1.1 ping statistics ---
> 4 packets transmitted, 4 received, 0% loss, time 3000ms
> 
> ping -c 4 xxx.xxx.xxx.xxx gives:
> 64 bytes from xxx.xxx.xxx.xxx icmp_seq=1 ttl=64 time=0.237 ms
> 64 bytes from xxx.xxx.xxx.xxx icmp_seq=2 ttl=64 time=0.146 ms
> 64 bytes from xxx.xxx.xxx.xxx icmp_seq=3 ttl=64 time=0.151 ms
> 64 bytes from xxx.xxx.xxx.xxx icmp_seq=4 ttl=64 time=0.149 ms
> 
> --- xxx.xxx.xxx.xxx ping statistics ---
> 4 packets transmitted, 4 received, 0% loss, time 2998ms
> 
> Rays questions:
> 1. Correction, both are not on same subnet. Sorry for the wrong info. I
> guess I am not NATing right
> 2. given that information. see below
> 3. ip forwarding is on. I dont know if I have NATing set up correct. I
> looked up the internet and ran some scripts.
> Here is my iptables -nvl output:
> 
> Chain INPUT (policy ACCEPT 46 packets, 4390 bytes)
>  pkts bytes target        prot  opt   in         out        source
> destination
> 
> Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
>  pkts bytes target        prot  opt   in         out        source
> destination
>     0     0 ACCEPT         all  --    eth1        *         0.0.0.0/0
> 0.0.0.0/0
> 
> Chain OUTPUT (policy ACCEPT 66 packets, 6036 bytes)
>  pkts bytes target        prot  opt   in         out        source
> destination
> 
> 4.Pinging 192.168.1.1 from eth0 gave destnation host unreachable and pinging
> xxx.xxx.xxx.xxx from eth1 gave the same.
> 
> 5. I can connect to internet using eth0 since I can browse the internet. I
> can also ping the gateway from eth0
> 
> Hope this helps. I know that xxx.xxx.... is annoying, but I cant help it.
> 
> Thanks for taking interest...
>