CentOS Icon CentOS Logo
CentOS Text
   
  
www.centos.org Forum Index
   CentOS 4 - Security Support
   "Firewall" NAT...

 

  Bottom    Previous Topic    Next Topic
  •  Rate Thread
      Rate this Thread
      Excellent
      Good
      Average
      Bad
      Terrible
Poster Thread
  •  mrpaulo
      mrpaulo
Re: "Firewall" NAT...
#1
Peeking in the Member Window
Joined: 2007/6/10
From
Posts: 16
Hi ! When I try to ping from 10 net out to internet...

C:\>ping 200.176.3.142 -t

Pinging 200.176.3.142 with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.

Looking at /var/log/messages... I only found this:

Mar 19 21:01:09 firewall kernel: device eth1 left promiscuous mode
Mar 19 21:01:09 firewall kernel: audit(1237510869.049:29): dev=eth1 prom=0 old_prom=256 auid=4294967295
Mar 19 21:01:44 firewall kernel: eth1: Promiscuous mode enabled.
Mar 19 21:01:44 firewall kernel: device eth1 entered promiscuous mode
Mar 19 21:01:44 firewall kernel: audit(1237510904.651:30): dev=eth1 prom=256 old_prom=0 auid=4294967295

I also.. tcpdump'ed my eth1 (192.168.0.5) interface... look what I found:

21:08:27.322283 IP 10.0.0.2 > www.terra.com.br: ICMP echo request, id 512, seq 63233, length 40
21:08:27.322723 IP 192.168.0.1 > 10.0.0.2: ICMP redirect www.terra.com.br to host dsldevice.lan, length 36
21:08:29.197297 IP 10.0.0.2.63033 > resolver1.telesp.net.br.domain: 36197+ A? www.mandrivabrasil.org. (40)
21:08:29.197357 IP 10.0.0.2.63033 > resolver2.telesp.net.br.domain: 36197+ A? www.mandrivabrasil.org. (40)
21:08:29.197388 IP 10.0.0.2.63033 > 192.168.0.1.domain: 36197+ A? www.mandrivabrasil.org. (40)
21:08:29.197785 IP 192.168.0.1 > 10.0.0.2: ICMP redirect resolver1.telesp.net.br to host dsldevice.lan, length 36
21:08:29.198119 IP 192.168.0.1 > 10.0.0.2: ICMP redirect resolver2.telesp.net.br to host dsldevice.lan, length 36
21:08:29.241577 IP 192.168.0.1.domain > 10.0.0.2.63033: 36197 1/6/0 A[|domain]
21:08:32.822533 IP 10.0.0.2 > www.terra.com.br: ICMP echo request, id 512, seq 63489, length 40
21:08:32.822999 IP 192.168.0.1 > 10.0.0.2: ICMP redirect www.terra.com.br to host dsldevice.lan, length 36
21:08:33.197445 IP 10.0.0.2.63033 > resolver1.telesp.net.br.domain: 36197+ A? www.mandrivabrasil.org. (40)
21:08:33.197508 IP 10.0.0.2.63033 > resolver2.telesp.net.br.domain: 36197+ A? www.mandrivabrasil.org. (40)
21:08:33.197539 IP 10.0.0.2.63033 > 192.168.0.1.domain: 36197+ A? www.mandrivabrasil.org. (40)
21:08:33.197928 IP 192.168.0.1 > 10.0.0.2: ICMP redirect resolver1.telesp.net.br to host dsldevice.lan, length 36
21:08:33.198260 IP 192.168.0.1 > 10.0.0.2: ICMP redirect resolver2.telesp.net.br to host dsldevice.lan, length 36
21:08:33.242398 IP 192.168.0.1.domain > 10.0.0.2.63033: 36197 1/3/1 A[|domain]
21:08:38.196620 arp who-has 192.168.0.1 tell 192.168.0.5
21:08:38.196861 arp reply 192.168.0.1 is-at 00:1c:f0:7e:47:5a (oui Unknown)
21:08:38.322664 IP 10.0.0.2 > www.terra.com.br: ICMP echo request, id 512, seq 63745, length 40
21:08:38.323099 IP 192.168.0.1 > 10.0.0.2: ICMP redirect www.terra.com.br to host dsldevice.lan, length 36
21:08:43.822793 IP 10.0.0.2 > www.terra.com.br: ICMP echo request, id 512, seq 64001, length 40
21:08:43.823234 IP 192.168.0.1 > 10.0.0.2: ICMP redirect www.terra.com.br to host dsldevice.lan, length 36
21:08:49.323081 IP 10.0.0.2 > www.terra.com.br: ICMP echo request, id 512, seq 64257, length 40
21:08:49.323524 IP 192.168.0.1 > 10.0.0.2: ICMP redirect www.terra.com.br to host dsldevice.lan, length 36
21:08:54.823152 IP 10.0.0.2 > www.terra.com.br: ICMP echo request, id 512, seq 64513, length 40
21:08:54.823590 IP 192.168.0.1 > 10.0.0.2: ICMP redirect www.terra.com.br to host dsldevice.lan, length 36

192.168.0.1 is my router
resolver1.telesp.net.br and resolver2.telesp.net.br are my DSL DNS

Looks like I will have to bring my public IP to one of my interfaces, right ?
Posted on: 2009/3/20 0:23
Create PDF from Post Print
Top
Subject Poster Date
     Re: "Firewall" NAT... kaushalpatel198 2009/3/18 5:18
       Re: "Firewall" NAT... mrpaulo 2009/3/18 15:19
         Re: "Firewall" NAT... mrpaulo 2009/3/18 23:39
           Re: "Firewall" NAT... mrpaulo 2009/3/19 0:55
             Re: "Firewall" NAT... mrpaulo 2009/3/19 16:28
           Re: "Firewall" NAT... gerald_clark 2009/3/19 18:17
             Re: "Firewall" NAT... mrpaulo 2009/3/19 20:41
               Re: "Firewall" NAT... michaelnel 2009/3/19 21:21
                 Re: "Firewall" NAT... mrpaulo 2009/3/19 21:54
                   Re: "Firewall" NAT... michaelnel 2009/3/19 23:22
                     Re: "Firewall" NAT... mrpaulo 2009/3/20 0:23
     Re: "Firewall" NAT... gerald_clark 2009/3/19 16:43
       Re: "Firewall" NAT... mrpaulo 2009/3/19 16:48
 Top   Previous Topic   Next Topic

 

 You cannot start a new topic.
 You can view topic.
 You cannot reply to posts.
 You cannot edit your posts.
 You cannot delete your posts.
 You cannot add new polls.
 You cannot vote in polls.
 You cannot attach files to posts.
 You cannot post without approval.




"Linux" is a registered trademark of Linus Torvalds. | All other trademarks are property of their respective owners. | All other content is Copyright @ 2004-2009 by the CentOS Project or "each individual contributor (forums, comments, etc.) unless otherwise assigned".| Theme based on a theme by 7dana.com