[ale] Re: Ping through Masq'ing firewall?
Robert L Harris
nomad at rocky.orci.com
Sat Jan 3 19:00:46 EST 1998
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
>
> Robert,
>
> If memory serves there's an option in the kernel config for ICMP
> Masqurade. Since pings & traceroutes are ICMP packets, make sure this is
> enabled. After that... sorry. Dunno.
>
> On Sat, 3 Jan 1998, Robert L Harris wrote:
>
> > Ok,
> > My firewall/Masq is up and working beautifully. The problem is that
> > you can't ping a host outside from inside. The firewall can ping out, but
> > machines behind it never get a response.
> > This seems to be keeping Quake2 and Age Of Empire from being able to play
> > from behind it.
> >
> > Anyone have any Ideas? I'd really like to be able to play AOE...
>
I found a IP Masq, but not ICMP. Here's the section from "make menuconfig", let me know
if you see something wrong.
[*] Kernel/User network link driver
[ ] Routing messages
[*] Network firewalls
[ ] Socket Security API Support (EXPERIMENTAL)
[ ] Network aliasing
[*] TCP/IP networking
[ ] IP: multicasting
[*] IP: firewalling
[ ] IP: firewall packet netlink device
[ ] IP: firewall packet logging
[*] IP: masquerading
--- Protocol-specific masquerading support will be built as modules.
[ ] IP: transparent proxy support
[ ] IP: always defragment
[ ] IP: accounting
[*] IP: optimize as router not host
< > IP: tunneling
[ ] IP: ARP daemon support (EXPERIMENTAL)
[ ] IP: TCP syncookie support (not enabled per default)
--- (it is safe to leave these untouched)
[ ] IP: PC/TCP compatibility mode
< > IP: Reverse ARP
[*] IP: Path MTU Discovery (normally enabled)
[*] IP: Drop source routed frames
[*] IP: Allow large windows (not recommended if <16Mb of memory)
< > The IPv6 protocol (EXPERIMENTAL)
---
< > The IPX protocol
< > Appletalk DDP
< > Amateur Radio AX.25 Level 2
< > CCITT X.25 Packet Layer (EXPERIMENTAL)
< > LAPB Data Link Driver (EXPERIMENTAL)
[ ] Bridging (EXPERIMENTAL)
[ ] 802.2 LLC (EXPERIMENTAL)
< > WAN router
---------------------------------------------------------------------------
Robert L. Harris | NT is secure....
System Engineer For Hire. \_ as long as you don't remove the shrink wrap.
http://www.orci.com/~nomad
DISCLAIMER:
These are MY OPINIONS ALONE. I speak for no-one else.
perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'
More information about the Ale
mailing list