
I'm having a hard time configuring my Linux router


http://www.linuxforums.org – Hello everyone. First, I'm no Linux expert. I know some basics of networking and Windows servers mostly. And now I want to use a Linux distro (CentOS 5.4) to build up a firewall for my servers at my hosting company. What I want to / have to configure is:

- A Linux router
- Which works in transparent routing mode (I guess it's the opposite of NAT mode)
- Which has the Proxy-ARP feature.

My expected network plan is as follows:

Internet
   |
   |
Internet Gateway ip = 10.0.0.1/24
   |
   |
Linux Firewall > Which I'm configuring
eth0 = 10.0.0.2/24, gw=10.0.0.1 , eth1 = 10.0.0.3/24
   |
   |
A server ip= 10.0.0.5/24, gw=10.0.0.1

I guess I managed to enable Proxy-ARP and iptables, but I guess I couldn't configure routing. My config is below:

cat /etc/sysctl.conf
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
net.ipv4.conf.eth1.proxy_arp = 1

netstat -nr
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
10.0.0.1        0.0.0.0         255.255.255.255 UH        0 0          0 eth0
10.0.0.0        0.0.0.0         255.255.255.0   U         0 0          0 eth1
192.168.122.0   0.0.0.0         255.255.255.0   U         0 0          0 virbr0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth1
0.0.0.0         10.0.0.1        0.0.0.0         UG        0 0          0 eth0

iptables -L -v
Chain INPUT (policy ACCEPT 7983 packets, 737K bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain FORWARD (policy ACCEPT 31809 packets, 3221K bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 9930 packets, 1218K bytes)
 pkts bytes target     prot opt in     out     source               destination

On the Linux Firewall, I can successfully ping 8.8.8.8 (or an external IP), 10.0.0.1, 10.0.0.2, 10.0.0.3 and 10.0.0.5. But on the server (10.0.0.5), I can ping 10.0.0.2 only; I can't ping an external IP, 10.0.0.1 or 10.0.0.3.

Could you please help me find out where the problem is? As I said in the introduction, I'm not a network or Linux guy :) Thanks in advance.

>>Yasin (HowTos)