[Shorewall-newbies] Routed Subnet - ICMP problem

Garrett Johnson garrettj at annalee.com
Fri Mar 5 14:32:28 PST 2004


I found the problem.  It was a problem with the first ROUTER.  It had two
default gateways one on each card.  It shouldn't have had a second gateway
on the route to the 10.1.3.0 network.  That gateway also was on the wrong
network.  The reason it was working to the 10.1.1.0 network was that the
ROUTER was on that network so it didn't need to use the routing table.


Thank you very much for your help.  The problem didn't occur until we
installed shorewall so we thought it was the problem.

Here's some stuff I had done before finding the problem.

When I ran tcpdump -ni eth1 host 10.1.3.2 it didn't work because it was
seeing the packets from the other card 10.1.5.88 in the "ROUTER" for the
10.1.3.0 network.  So I needed to do tcpdump -ni eth1 host 10.1.5.88.  I
found this out by running tcpdump 'icmp' -ni eth1 which showed which
address it thought I was pinging from.  So when I ping outside addresses
the packet doesn’t show on the router.


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.614 / Virus Database: 393 - Release Date: 3/5/2004
 



More information about the Shorewall-newbies mailing list