Re: Forwarding not work in FC9 but ip_forward is turn on

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

ppps wrote:

Hi, guys
I would please ask for their help with a problem that has frustrated me. Then I describe the scene
I installed FC9 on my PC that will work as official proxy / firewall. The pc has 3 network cards
eth4, eth5 and eth6
eth4-> 192.168.5.254 -> to a router
eth5-> 192.168.1.231 -> toward LAN1
eth6-> 192.168.10.250 -> toward LAN2

- A cat / proc/sys/net/ipv4/ip_forward returns 1,
- Also I have set in / etc / sysctl.conf net.ipv4.ip_forward = 1
- A ping from LAN2 to say 192.168.10.20 toward 192.168.10.250 work without problems
- A ping from 192.168.10.20 works toward 192.168.5.254
- A ping 192.168.5.1 from FC9 toward running smoothly
- A ping from FC9 to 192.168.1.250 running smoothly
- Mii-tol eth4 eth5 eth6 returns
eth4: negotiated 100BaseTX-FD flow-control, link ok
eth5: negotiated 100BaseTX-FD flow-control, link ok
eth6: negotiated 100BaseTX-FD flow-control, link ok

- A ping from 192.168.10.250 toward 192.168.10.20 not work!!!
- A ping from 192.168.10.20 to 192.168.5.1 via 192.168.10.250 as gw does not work.
- A tracert from 192.168.10.20 to 192.168.5.1 return
192.168.5.1 to trace paths on a maximum of 30 hops
1 1ms  192.168.5.1: ICMP echo request
192.168.5.1> 192.168.5.254: ICMP echo reply
192.168.5.254> 192.168.5.1: ICMP echo request
192.168.5.1> 192.168.5.254: ICMP echo replay
and therefore from fedora if I can do ping.
- A cat /etc/selinux/config return
SELinux=disabled and SELINUXTYPE =targeted.
- A route-n
Destination Gateway Genmask ... Ifacex
192.168.5.0 0.0.0.0 255.255.255.0 .... eth4
192.168.1.0 0.0.0.0 255.255.255.0 .... eth5
192.168.10.0 0.0.0.0 255.255.255.0 .... eth6
169.254.0.0 0.0.0.0 255.255.0.0 .... eth6

iptables has no rule, in fact I have executed the following
iptables -t nat-F
iptables -t mangle-F
iptables -t filter-F
iptales -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT

What I can conclude that the forwarding is not working properly, or only partially. I have tried to add other options in sysctl.conf without success.

I wish I could help me because I'm overwhelmed with this problem, you might miss something you add or remove within sysctl.conf or SELinux really much appreciate your help.

Best regards

Sorry for my bad English !!!


No problem.

You need to have routes to those networks:

/sbin/ip route add 192.168.1.0/24 dev eth5
/sbin/ip route add 192.168.10.1/24 dev eth6
/sbin/ip route add default via 192.168.5.254 dev eth4


Hope that helps,
Mike Wright :m)

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux