[pmfirewall] can't ping

From: Alan Chung (alan@silveregg.co.jp)
Date: Thu Feb 15 2001 - 04:52:52 PST

• Next message: thc@www.c0wz.com: "Re: [pmfirewall] pmfirewall & ICQ"
• Previous message: Darcy Brodie: "Re: [pmfirewall] Creating rules for specific internal IP addresses"
• Next in thread: Alan Chung: "[pmfirewall] can't ping"
• Maybe reply: Alan Chung: "[pmfirewall] can't ping"

I have newly setup Freeswan with ipchains built on my new debian linux box.
Everything was working well but when I started my chain rules, I couldn't
ping the internal host on the other side of network.

These are the rules I added for IPSEC,

/sbin/ipchains -A input -p UDP -d $left-external-network 500 -j ACCEPT
/sbin/ipchains -A input -p 50 -d $left-external-network -j ACCEPT
/sbin/ipchains -A input -p 51 -d $left-external-network -j ACCEPT

# Allows internal subnet access
/sbin/ipchains -A input -b -s $left-internal-network -j ACCEPT

# Allows traffic from and to internal LANs
/sbin/ipchains -A forward -b -s $left-internal-network -d
$right-internal-network -j ACCEPT

Any suggestion for the rules?

Thanks in advance.

Alan

****************************************************************************
* To UNSUBSCRIBE from the list, send a message with "unsubscribe pmfirewall"
* in the message body to majordomo@pointman.org. Please direct other
* questions, comments, or problems to pmfirewall-owner@pointman.org.
*
* Need answers fast? Check the list archive located at:
* http://www.pointman.org/PMFirewall/list-archive/
*

• Next message: thc@www.c0wz.com: "Re: [pmfirewall] pmfirewall & ICQ"
• Previous message: Darcy Brodie: "Re: [pmfirewall] Creating rules for specific internal IP addresses"
• Next in thread: Alan Chung: "[pmfirewall] can't ping"
• Maybe reply: Alan Chung: "[pmfirewall] can't ping"

This archive was generated by hypermail 2b29 : Sun Jun 10 2001 - 02:39:27 PDT