Redhat secure server - Jan 2001 - Routing Problem using two 3Com NICs

Hello, 
I have installed a RH 6.2 with one 3Com builtin my motherboard (DELL
Optiplex GX1) and it is working very well with the 3C59x driver module
originaly included in the distribution.
I would like to set up a gateway-firewall with this box so I added a 3C905B
NIC in this computer. Thus I am using the 3C90x for the two NIC as
preconized by 3Com.
And then nothing is routed through the two NICs. My public IP is well
responding on the 3C59x and my private IP is responding on the other NIC but
when I define this box as a gateway for another one nothing passes through.
I use manually each time I restart "echo 1
>/proc/sys/net/ipv4/ip_forward
it". But it didn''t help me. 
I put a tcpdump on each interface and I can see that nothing passes through
one card to another in any direction... 
Is there a bug with this 3Com driver module or am I proceeding the wrong way
to build a gateway ? 
I tried the following commands because my intention was originaly to give
access from outside to a computer in my LAN : 
ipchains -s 195.154.93.0 -d 172.16.1.36 -j MASQ -A forward (with and without
the -b option) 
ipchains -s 195.154.93.0 -d 172.16.1.36 -j ACCEPT -A forward (with and
without the -b option) 
and many various rules that I think should have routed packets from outside
to inside but I lost two days on it.... 
I am quiet new in Linux and I may have tried the wrong tools or failed my
box setup... 
Any help would be pleased 8.) 
Regards 
Matthieu Fleurmont 
Keymage

Matthieu Fleurmont wrote:
>
>
> Hello,
> I have installed a RH 6.2 with one 3Com builtin my motherboard (DELL
> Optiplex GX1) and it is working very well with the 3C59x driver module
> originaly included in the distribution.
>
> I would like to set up a gateway-firewall with this box so I added a
> 3C905B NIC in this computer. Thus I am using the 3C90x for the two NIC
> as preconized by 3Com.
>
> And then nothing is routed through the two NICs. My public IP is well
> responding on the 3C59x and my private IP is responding on the other
> NIC but when I define this box as a gateway for another one nothing
> passes through.
>
> I use manually each time I restart "echo 1
> >/proc/sys/net/ipv4/ip_forward it". But it didn''t help me.
> I put a tcpdump on each interface and I can see that nothing passes
> through one card to another in any direction...
> Is there a bug with this 3Com driver module or am I proceeding the
> wrong way to build a gateway ?
> I tried the following commands because my intention was originaly to
> give access from outside to a computer in my LAN :
>
> ipchains -s 195.154.93.0 -d 172.16.1.36 -j MASQ -A forward (with and
> without the -b option)
> ipchains -s 195.154.93.0 -d 172.16.1.36 -j ACCEPT -A forward (with and
> without the -b option)
> and many various rules that I think should have routed packets from
> outside to inside but I lost two days on it....
> I am quiet new in Linux and I may have tried the wrong tools or failed
> my box setup...
> Any help would be pleased 8.)
> Regards
> Matthieu Fleurmont
> Keymage
>

Jody Fustini wrote:
> I think you have to verify your routing table, and if it''s
neccessary
> add a new route.Type "route -n" to show your routing table. If it
> doesn''t work try this: joe /etc/sysctl.conf and set
> "net.ipv4.ip_forward = 1". Regards Jody
>
>      ----- Original Message -----
>      From: Matthieu Fleurmont
>      To: ''redhat-secure-server@redhat.com''
>      Sent: Monday, January 29, 2001 3:25 PM
>      Subject: Routing Problem using two 3Com NICs
>       Hello,
>      I have installed a RH 6.2 with one 3Com builtin my
>      motherboard (DELL Optiplex GX1) and it is working very well
>      with the 3C59x driver module originaly included in the
>      distribution.
>
>      I would like to set up a gateway-firewall with this box so I
>      added a 3C905B NIC in this computer. Thus I am using the
>      3C90x for the two NIC as preconized by 3Com.
>
>      And then nothing is routed through the two NICs. My public
>      IP is well responding on the 3C59x and my private IP is
>      responding on the other NIC but when I define this box as a
>      gateway for another one nothing passes through.
>
>      I use manually each time I restart "echo 1
>      >/proc/sys/net/ipv4/ip_forward it". But it didn''t
help me.
>      I put a tcpdump on each interface and I can see that nothing
>      passes through one card to another in any direction...
>      Is there a bug with this 3Com driver module or am I
>      proceeding the wrong way to build a gateway ?
>      I tried the following commands because my intention was
>      originaly to give access from outside to a computer in my
>      LAN :
>
>      ipchains -s 195.154.93.0 -d 172.16.1.36 -j MASQ -A forward
>      (with and without the -b option)
>      ipchains -s 195.154.93.0 -d 172.16.1.36 -j ACCEPT -A forward
>      (with and without the -b option)
>      and many various rules that I think should have routed
>      packets from outside to inside but I lost two days on it....
>
>      I am quiet new in Linux and I may have tried the wrong tools
>      or failed my box setup...
>      Any help would be pleased 8.)
>      Regards
>      Matthieu Fleurmont
>      Keymage
>
>

Routing Problem using two 3Com NICsI think you have to verify your routing
table, and if it''s neccessary add a new route.
Type "route -n" to show your routing table.

If it doesn''t work try this: joe /etc/sysctl.conf and set
"net.ipv4.ip_forward = 1".

Regards

Jody

  ----- Original Message ----- 
  From: Matthieu Fleurmont 
  To: ''redhat-secure-server@redhat.com'' 
  Sent: Monday, January 29, 2001 3:25 PM
  Subject: Routing Problem using two 3Com NICs


  Hello, 
  I have installed a RH 6.2 with one 3Com builtin my motherboard (DELL Optiplex
GX1) and it is working very well with the 3C59x driver module originaly included
in the distribution.

  I would like to set up a gateway-firewall with this box so I added a 3C905B
NIC in this computer. Thus I am using the 3C90x for the two NIC as preconized by
3Com.

  And then nothing is routed through the two NICs. My public IP is well
responding on the 3C59x and my private IP is responding on the other NIC but
when I define this box as a gateway for another one nothing passes through.

  I use manually each time I restart "echo 1
>/proc/sys/net/ipv4/ip_forward it". But it didn''t help me.
  I put a tcpdump on each interface and I can see that nothing passes through
one card to another in any direction...
  Is there a bug with this 3Com driver module or am I proceeding the wrong way
to build a gateway ?
  I tried the following commands because my intention was originaly to give
access from outside to a computer in my LAN :

  ipchains -s 195.154.93.0 -d 172.16.1.36 -j MASQ -A forward (with and without
the -b option)
  ipchains -s 195.154.93.0 -d 172.16.1.36 -j ACCEPT -A forward (with and without
the -b option)
  and many various rules that I think should have routed packets from outside to
inside but I lost two days on it....
  I am quiet new in Linux and I may have tried the wrong tools or failed my box
setup...
  Any help would be pleased 8.) 
  Regards
  Matthieu Fleurmont
  Keymage

Routing Problem using two 3Com NICsthx for the second tip, it is another way to
set /proc/sys/net/ipv4/ip_forward to 1 8.)

But even with explicit routes nothing is routed through my gateway, but tests I
made on another box of the same kind with two NICs (1 3C59x and 1 DLink DE220)
succeed so I think that error comes 3Com (driver or NIC I still don''t
know)  8.(

thx for your help

Matthieu
  ----- Original Message ----- 
  From: Jody Fustini 
  To: redhat-secure-server@redhat.com 
  Sent: Monday, January 29, 2001 7:48 PM
  Subject: Re: Routing Problem using two 3Com NICs


  I think you have to verify your routing table, and if it''s neccessary
add a new route.
  Type "route -n" to show your routing table.

  If it doesn''t work try this: joe /etc/sysctl.conf and set
"net.ipv4.ip_forward = 1".
   
  Regards
   
  Jody
   
    ----- Original Message ----- 
    From: Matthieu Fleurmont 
    To: ''redhat-secure-server@redhat.com'' 
    Sent: Monday, January 29, 2001 3:25 PM
    Subject: Routing Problem using two 3Com NICs


    Hello, 
    I have installed a RH 6.2 with one 3Com builtin my motherboard (DELL
Optiplex GX1) and it is working very well with the 3C59x driver module originaly
included in the distribution.

    I would like to set up a gateway-firewall with this box so I added a 3C905B
NIC in this computer. Thus I am using the 3C90x for the two NIC as preconized by
3Com.

    And then nothing is routed through the two NICs. My public IP is well
responding on the 3C59x and my private IP is responding on the other NIC but
when I define this box as a gateway for another one nothing passes through.

    I use manually each time I restart "echo 1
>/proc/sys/net/ipv4/ip_forward it". But it didn''t help me.
    I put a tcpdump on each interface and I can see that nothing passes through
one card to another in any direction...
    Is there a bug with this 3Com driver module or am I proceeding the wrong way
to build a gateway ?
    I tried the following commands because my intention was originaly to give
access from outside to a computer in my LAN :

    ipchains -s 195.154.93.0 -d 172.16.1.36 -j MASQ -A forward (with and without
the -b option)
    ipchains -s 195.154.93.0 -d 172.16.1.36 -j ACCEPT -A forward (with and
without the -b option)
    and many various rules that I think should have routed packets from outside
to inside but I lost two days on it....
    I am quiet new in Linux and I may have tried the wrong tools or failed my
box setup...
    Any help would be pleased 8.) 
    Regards
    Matthieu Fleurmont
    Keymage

>     I use manually each time I restart "echo 1
>/proc/sys/net/ipv4/ip_forward it". But it didn''t help me.
>     I put a tcpdump on each interface and I can see that nothing passes
through one card to another in any direction...
>     Is there a bug with this 3Com driver module or am I proceeding the
wrong way to build a gateway ?
>     I tried the following commands because my intention was originaly to
give access from outside to a computer in my LAN :
>
>     ipchains -s 195.154.93.0 -d 172.16.1.36 -j MASQ -A forward (with and
without the -b option)
>     ipchains -s 195.154.93.0 -d 172.16.1.36 -j ACCEPT -A forward (with and
without the -b option)
>     and many various rules that I think should have routed packets from
outside to inside but I lost two days on it....
>     I am quiet new in Linux and I may have tried the wrong tools or failed
my box setup...
>     Any help would be pleased 8.)
how the package know how to go back? when the package reach the
172.16.1.36 how it will go back and reach the real IP?

why you dont use ipportfw, sound like that but i dont know exactly the
name

good luck
roger
>     Regards
>     Matthieu Fleurmont
>     Keymage
>
>
>
>
>