Home router setup problem

[wolf_99]

Hi!

I am trying to set up a home router, and having problems with it. I folowed the home router how-to (http://www.gentoo.org/doc/en/home-router-howto.xml) and encouterd no problems (no errors, warning weird cryptic messages etc.) But I don't recive packages (tcp/ip) from the net.

Here is what I have:

eth1 - connected to the Internet (WAN)
eth0 - connected to my main Gentoo box (LAN)

From my router box (an old PII) I can serf allright (good old lynx).

But when I ping from my main box to the net (yahoo.com) I don't get a reply.
Using the Nast sniffer I can see that the router gets the package and forwords it to the net

[frostschutz]

[wolf_99]

But I can't serf either, so it's not that.

When I ping from the router, I do get a pong back...

Any way's, the problem still exists, I can't connect to the net. Why?
_________________
To err is human. To really fuck up, use a computer.

[desultory]

You should have an established/related accept clause at the head of your forwarding chain.

[wolf_99]

[tuxmin]

To get things working quickly I'd advise to use a graphical firewall tool like firestarter or fwbuilder. Many Gentoo folks like shorewall (but I don't know this one). You also can be sure that these tools build proper rulesets -- this is a rather hairy job for an iptables newbie..
I especially like fwbuilder. You can run it on a LAN box and update the ruleset via ssh. But for the start it could help you to build a basic ruleset which you could transfer to your router and execute it.
Firestarter is fine for running on the router itself. You could either access it via X11 forwarding, vnc or NX.


Hth, Alex!!!
_________________
ALT-F4

[desultory]

Another good option for setting up a firewall is bastille, it is well and integrally documented, easy to set up and you can choose from either a gui (X) or a curses (shell) based interface.