On Mon, Nov 25, 2002 at 10:48:28PM -0800, paridhi bansal wrote:
> [... NAT in userland ...]
>
> What is happening is: when I ping from one
> machine (151.2.123.85) to another (192.168.1.1), it
> shows request timed out. The application is showing
> me that the pkt has been sent to 192 interface. I
> assume that somehow pkt is not sent from interface to
> the destination machine as I am not getting any reply
> pkt from 192.168.1.1.
>
> What can be the problem?? What can be the
> solution??? How shall I proceed???

Don't assume[1] anything. :)

I recommend running tcpdump on 151.2.123.85 and 192.168.1.1 and trying to correlate what happens on both of them when you send your pings. Without knowing for sure which packets arrive where, it is difficult to figure out what is going on. You can also run tcpdump on both interfaces involved with your NAT proxy.

I didn't see anything in your code obviously included to specify which interface your packet was sent from. It seems like the sort of thing that the kernel would decide on the fly; however, maybe the kernel doesn't like trying to send packets from an IP address that it doesn't 'own' on any interface...

Hmm. I wonder how honeyd runs a 'network' of hosts; does it require ethernet aliases? Or does it just do spoofing..

Hopefully I've suggested enough for some troubleshooting. :)

(Honestly, I wanted to write a reply primarily for the following joke...)

[1]: Math professors are famous for bad jokes; one of my favourites is, "When you assume something, you make an ASS out of U and ME." :) Maybe I'll be a math prof some day.... :)

-- 
"There's an old saying in Tennessee, i know it's in Texas, probably in Tennessee, that says, 'Fool me once... shame on ... shame on .. you; but fool--you can't get fooled again.'" -- Commander in Chief of the US Military
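
The correlation step suggested in the reply above, as an added example that is not part of the original message: it takes tcpdump text captures from each point along the path and reports the first point where an echo request or reply goes missing. The capture-point names, the modern `tcpdump -n icmp` line format and the sample lines are assumptions constructed for illustration.

```python
import re

# Modern `tcpdump -n icmp` text line (assumed format), e.g.
# 22:48:28.10 IP 151.2.123.85 > 192.168.1.1: ICMP echo request, id 7, seq 1, length 64
LINE = re.compile(r"IP \S+ > [^:\s]+: ICMP echo (request|reply), id \d+, seq (\d+)")

def parse(capture):
    """Return the set of (kind, seq) echo packets seen in one capture."""
    # Addresses and id are ignored on purpose: a NAT may rewrite both.
    return {(m[1], int(m[2])) for m in map(LINE.search, capture.splitlines()) if m}

def trace(captures, seqs):
    """captures: (point_name, tcpdump_text) pairs ordered along the request path.
    Returns {seq: verdict} naming the first point where the packet is missing."""
    parsed = [(name, parse(text)) for name, text in captures]
    verdicts = {}
    for seq in seqs:
        # Follow the request forward, sender to target.
        lost = next((n for n, s in parsed if ("request", seq) not in s), None)
        if lost:
            verdicts[seq] = f"request never seen at {lost}"
            continue
        # Then follow the reply backward, target to sender.
        lost = next((n for n, s in reversed(parsed) if ("reply", seq) not in s), None)
        verdicts[seq] = f"reply never seen at {lost}" if lost else "ok"
    return verdicts

# Constructed sample captures (not from the thread): the request shows up on
# the sender and on the NAT host's 151 side, but never leaves the 192 side.
REQ = "22:48:28.10 IP 151.2.123.85 > 192.168.1.1: ICMP echo request, id 7, seq 1, length 64"
CAPTURES = [
    ("151.2.123.85", REQ),
    ("NAT host, 151 side", REQ),
    ("NAT host, 192 side", ""),
    ("192.168.1.1", ""),
]

if __name__ == "__main__":
    for seq, verdict in trace(CAPTURES, [1]).items():
        print(f"seq {seq}: {verdict}")
```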