I think iptables is not alowing me to connect

I think iptables is not alowing me to connect

[AndreLSM]

[-- Attachment #1: Type: text/plain, Size: 235 bytes --]

Hello all,

I´m traying to set iptables working in my home LAN, but since then my linux box can´t connect ADSL as before. I have removed all rules in iptables but it won´t connect. Anyone has a clue whats happening?

Thanks
ALSM

[-- Attachment #2: Type: text/html, Size: 779 bytes --]

I think iptables is not alowing me to connect

[AndreLSM]

[-- Attachment #1: Type: text/plain, Size: 239 bytes --]



Hello all,

I´m traying to set iptables working in my home LAN, but since then my linux box can´t connect ADSL as before. I have removed all rules in iptables but it won´t connect. Anyone has a clue whats happening?

Thanks
ALSM

[-- Attachment #2: Type: text/html, Size: 873 bytes --]

Re: I think iptables is not alowing me to connect

[Antony Stone]

On Friday 20 September 2002 6:52 pm, AndreLSM wrote:

> Hello all,
>
> I´m traying to set iptables working in my home LAN, but since then my linux
> box can´t connect ADSL as before. I have removed all rules in iptables but
> it won´t connect. Anyone has a clue whats happening?

Yes.   Something's broken.

Tell us what your network setup is, and tell us what your ruleset it, and we 
might be able to tell you what's broken.

Antony.

-- 

This email was created using 100% recycled electrons.

Re: I think iptables is not alowing me to connect

[AndreLSM]

Sorry I was not very clear,

Actualy I removed all iptables rules with:
iptables -F
iptables -X
iptables -Z

but adsl still hangs and does not connect.
Before  I started testing iptables it used to connect quickly.
My network is like this:
on eth0:  connection to another computer, ip 192.168.0.1 this is ok
on eth1: connection to the adsl modem. I know that this device can not be
initialized on the booting process and I thought that maybe iptables was
initializing it, but I removed all rules and stoped running the rc.firewall
file. This one has dynamic ip. I know that booth network adapters are
working fine, so it´s not hardware problem.


----- Original Message -----
From: "Antony Stone" <Antony@Soft-Solutions.co.uk>
To: <netfilter@lists.netfilter.org>
Sent: Friday, September 20, 2002 5:03 PM
Subject: Re: I think iptables is not alowing me to connect


> On Friday 20 September 2002 6:52 pm, AndreLSM wrote:
>
> > Hello all,
> >
> > I´m traying to set iptables working in my home LAN, but since then my
linux
> > box can´t connect ADSL as before. I have removed all rules in iptables
but
> > it won´t connect. Anyone has a clue whats happening?
>
> Yes.   Something's broken.
>
> Tell us what your network setup is, and tell us what your ruleset it, and
we
> might be able to tell you what's broken.
>
> Antony.
>
> --
>
> This email was created using 100% recycled electrons.
>
>
>

Re: I think iptables is not alowing me to connect

[Antony Stone]

On Friday 20 September 2002 10:36 pm, AndreLSM wrote:

> Sorry I was not very clear,
>
> Actualy I removed all iptables rules with:
> iptables -F
> iptables -X
> iptables -Z

Have you removed your nat rules (eg SNAT in the POSTROUTING chain) as well ?

> but adsl still hangs and does not connect.
> Before  I started testing iptables it used to connect quickly.
> My network is like this:
> on eth0:  connection to another computer, ip 192.168.0.1 this is ok
> on eth1: connection to the adsl modem. I know that this device can not be
> initialized on the booting process

What do you mean by this last comment ?

> and I thought that maybe iptables was initializing it, but I removed all
> rules and stopped running the rc.firewall file. This one has dynamic ip.

Are you getting a valid IP address for this interface from your ISP ?

> I know that both network adapters are working fine, so it´s not hardware
> problem.

Can you connect to the Internet from the Firewall machine itself (never mind 
the internal machines on your network for now) ?

If you can, then tell us whether you have a SNAT rule in your POSTROUTING 
chain to allow internal machines to connect out as well.

If you cannot connect from the Firewall machine, then it is not a netfilter 
problem.   Check the hardware and the interface configuration.   Why do you 
say "both network adapters are working fine" ?   How do you know ?   What 
have you tested ?

Antony.

-- 

This email is intended for the use of the individual addressee(s) named above 
and may contain information that is confidential, privileged or unsuitable 
for overly sensitive persons with low self-esteem, no sense of humour, or 
irrational religious beliefs.

If you have received this email in error, you are required to shred it 
immediately, add some nutmeg, three egg whites and a dessert spoonful of 
caster sugar.   Whisk until soft peaks form, then place in a a warm oven for 
40 minutes.   Remove promptly and let stand for 2 hours before adding some 
decorative kiwi fruit and cream.   Then notify me immediately by return email 
and eat the original message.

Re: I think iptables is not alowing me to connect

[Anders Fugmann]

AndreLSM wrote:
> Sorry I was not very clear,
> 
> Actualy I removed all iptables rules with:
> iptables -F
> iptables -X
> iptables -Z
> 
> but adsl still hangs and does not connect.
Have you changed the default policies to ACCEPT on the default chains,
e.g.:
$ iptables -P INPUT ACCEPT
$ iptables -P OUTPUT ACCEPT
$ iptables -P FORWARD ACCEPT

That might help
Anders Fugmann