Forwarding not work in FC9 but ip_forward is turn on

ppps no-reply-gw at fcp.surfsite.org
Mon Sep 22 19:43:52 UTC 2008


Hi, guys
I would please ask for their help with a problem that has frustrated me. Then I describe the scene
I installed FC9 on my PC that will work as official proxy / firewall. The pc has 3 network cards
eth4, eth5 and eth6
eth4-> 192.168.5.254 -> to a router
eth5-> 192.168.1.231 -> toward LAN1
eth6-> 192.168.10.250 -> toward LAN2

- A cat / proc/sys/net/ipv4/ip_forward returns 1,
- Also I have set in / etc / sysctl.conf net.ipv4.ip_forward = 1
- A ping from LAN2 to say 192.168.10.20 toward 192.168.10.250 work without problems
- A ping from 192.168.10.20 works toward 192.168.5.254
- A ping 192.168.5.1 from FC9 toward running smoothly
- A ping from FC9 to 192.168.1.250 running smoothly
- Mii-tol eth4 eth5 eth6 returns
eth4: negotiated 100BaseTX-FD flow-control, link ok
eth5: negotiated 100BaseTX-FD flow-control, link ok
eth6: negotiated 100BaseTX-FD flow-control, link ok

- A ping from 192.168.10.250 toward 192.168.10.20 not work!!!
- A ping from 192.168.10.20 to 192.168.5.1 via 192.168.10.250 as gw does not work.
- A tracert from 192.168.10.20 to 192.168.5.1 return
192.168.5.1 to trace paths on a maximum of 30 hops
1 1ms  192.168.5.1: ICMP echo request
192.168.5.1> 192.168.5.254: ICMP echo reply
192.168.5.254> 192.168.5.1: ICMP echo request
192.168.5.1> 192.168.5.254: ICMP echo replay
and therefore from fedora if I can do ping.
- A cat /etc/selinux/config return
SELinux=disabled and SELINUXTYPE =targeted.
- A route-n
Destination Gateway Genmask ... Ifacex
192.168.5.0 0.0.0.0 255.255.255.0 .... eth4
192.168.1.0 0.0.0.0 255.255.255.0 .... eth5
192.168.10.0 0.0.0.0 255.255.255.0 .... eth6
169.254.0.0 0.0.0.0 255.255.0.0 .... eth6

iptables has no rule, in fact I have executed the following
iptables -t nat-F
iptables -t mangle-F
iptables -t filter-F
iptales -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT

What I can conclude that the forwarding is not working properly, or only partially. I have tried to add other options in sysctl.conf without success.

I wish I could help me because I'm overwhelmed with this problem, you might miss something you add or remove within sysctl.conf or SELinux really much appreciate your help.

Best regards

Sorry for my bad English !!!


-- 
This is an email sent via the webforum on http://fcp.surfsite.org
http://fcp.surfsite.org/modules/newbb/viewtopic.php?post_id=291565&topic_id=61844&forum=10#forumpost291565
If you think, this is spam, please report this to webmaster at fcp.surfsite.org.




More information about the fedora-list mailing list