[Shorewall-newbies] Routed Subnet - ICMP problem

Garrett Johnson garrettj at annalee.com
Fri Mar 5 14:32:28 PST 2004

I found the problem.  It was a problem with the first ROUTER.  It had two
default gateways one on each card.  It shouldn't have had a second gateway
on the route to the network.  That gateway also was on the wrong
network.  The reason it was working to the network was that the
ROUTER was on that network so it didn't need to use the routing table.

Thank you very much for your help.  The problem didn't occur until we
installed shorewall so we thought it was the problem.

Here's some stuff I had done before finding the problem.

When I ran tcpdump -ni eth1 host it didn't work because it was
seeing the packets from the other card in the "ROUTER" for the network.  So I needed to do tcpdump -ni eth1 host  I
found this out by running tcpdump 'icmp' -ni eth1 which showed which
address it thought I was pinging from.  So when I ping outside addresses
the packet doesn’t show on the router.

Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.614 / Virus Database: 393 - Release Date: 3/5/2004

More information about the Shorewall-newbies mailing list