Re: failing to share internet access between two PCs installed with Debian 3.1

• Previous message: Kevin Mark: "Re: Sudden constant spoofing of my address"
• In reply to: Roberto C. Sanchez: "Re: failing to share internet access between two PCs installed with Debian 3.1"
• Next in thread: Robert Vangel: "Re: failing to share internet access between two PCs installed with Debian 3.1"
• Reply: Robert Vangel: "Re: failing to share internet access between two PCs installed with Debian 3.1"
• Reply: Dominik Margraf: "problem solved (was Re: failing to share internet access between two PCs installed with Debian 3.1)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Sat, 11 Jun 2005 21:32:29 +1200
To: "Roberto C. Sanchez" <roberto@familiasanchez.net>, debian-user@lists.debian.org

On 6/11/05, Roberto C. Sanchez <roberto@familiasanchez.net> wrote:
> On Sat, Jun 11, 2005 at 08:25:14PM +1200, Dominik Margraf wrote:
> >
> > I also installed ipmasq on computer A. Computer A was able to access
> > the internet. Both Computer A and B could also ping each other
> > successfully and computer B was also able to share internet from
> > computer A
> >
> What is the output of '/sbin/route -n' from each computer?

for Computer A (the one connected to the ADSL modem):

abc@debian1:~$ /sbin/route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 eth1
0.0.0.0 10.1.1.1 0.0.0.0 UG 0 0 0 eth1
abc@debian1:~$

(note: eth1 is the port connected to the ADSL modem and eth0 is the
port connected to Computer B via a crossover cable)

for Computer B:
abc@debian2:~$ /sbin/route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
abc@debian2:~$

>
> > However after I reinstalled Computer A with the newly released debian
> > 3.1r0a (with exactly the same settings described above) with ipmasq,
> Uh. Why did you reinstall?
>

Because I would like to reallocate the disc space and set up a new
partition for storing my DVD files.

> > computer B could not obtain internet access any more despite computer
> > A still had internet access and computer B was also able to share CUPS
> > and NFS services from computer A successfully. Also, computer B was
> > able to ping computer A and vice versa.
> >
> > So what could go wrong here? Is it because some problems with the
> > firewall and/or ipmasq? How could I fix this problem?
> What firewall program/configuration are you using? What is the output
> if 'iptables -nL' ?
>
> -Roberto

I did not intentionally install firewall program for both computer or
tweak the firewall configurations. I just installed the ipmasq
package, which allows NAT by recomputing the firewall rules. However
there are the printouts for "iptablees -nL" of both computers:

Computer A:

debian1:/home/abc# iptables -nL
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
LOG all -- 127.0.0.0/8 0.0.0.0/0 LOG flags
0 level 4
DROP all -- 127.0.0.0/8 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 255.255.255.255
ACCEPT all -- 192.168.0.0/24 0.0.0.0/0
ACCEPT !tcp -- 0.0.0.0/0 224.0.0.0/4
LOG all -- 192.168.0.0/24 0.0.0.0/0 LOG flags
0 level 4
DROP all -- 192.168.0.0/24 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 255.255.255.255
ACCEPT all -- 0.0.0.0/0 10.1.1.5
ACCEPT all -- 0.0.0.0/0 10.255.255.255
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags
0 level 4
DROP all -- 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- 192.168.0.0/24 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
RELATED,ESTAB LISHED
LOG all -- 0.0.0.0/0 192.168.0.0/24 LOG flags
0 level 4
DROP all -- 0.0.0.0/0 192.168.0.0/24
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags
0 level 4
DROP all -- 0.0.0.0/0 0.0.0.0/0

Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 255.255.255.255
ACCEPT all -- 0.0.0.0/0 192.168.0.0/24
ACCEPT !tcp -- 0.0.0.0/0 224.0.0.0/4
LOG all -- 0.0.0.0/0 192.168.0.0/24 LOG flags
0 level 4
DROP all -- 0.0.0.0/0 192.168.0.0/24
ACCEPT all -- 0.0.0.0/0 255.255.255.255
ACCEPT all -- 10.1.1.5 0.0.0.0/0
ACCEPT all -- 10.255.255.255 0.0.0.0/0
LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags
0 level 4
DROP all -- 0.0.0.0/0 0.0.0.0/0
debian1:/home/abc#

Computer B:

debian2:/home/abc# iptables -nL
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
debian2:/home/abc#

Thank you very much for your help and I would be grateful if you could
find the culprit!

Dominik

• Previous message: Kevin Mark: "Re: Sudden constant spoofing of my address"
• In reply to: Roberto C. Sanchez: "Re: failing to share internet access between two PCs installed with Debian 3.1"
• Next in thread: Robert Vangel: "Re: failing to share internet access between two PCs installed with Debian 3.1"
• Reply: Robert Vangel: "Re: failing to share internet access between two PCs installed with Debian 3.1"
• Reply: Dominik Margraf: "problem solved (was Re: failing to share internet access between two PCs installed with Debian 3.1)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]