0

I'm new to this site and I want to apologize in advance for any mistakes, dumb questions, etc. (if any).
I have a networking issue and I hope someone has ideas how to solve it. I'm almost sure it's a simple one.

First of all, let's introduce my network configuration/geometry:

        ------
      (        )             SRV                 PC-A                 PC-B
     (          )     ╔════════════╤══╗    ╔═══╤═══════════╗    ╔════════════╤══╗
    (  INTERNET  )═══>║ 95.12.34.56│  ║    ║   │192.168.1.1║═══>║ 192.168.1.5│  ║
     (          )     ╟────────────┘  ║    ║   └───────────╢    ╟────────────┘  ║
      (        )      ║               ║    ║               ║    ╚═══════════════╝
        ------        ║   ┌───────────╢    ╟────────────┐  ║
                      ║   │192.168.0.1║═══>║ 192.168.0.4│  ║
                      ╚═══╧═══════════╝    ╚════════════╧══╝

SRV and PC-A run on Windows XP Pro SP2. They both have an identical software package which does firewalling, NAT, port forwarding and rewriting.

PC-B runs Arch Linux with no iptables rules; it only uses the hosts.allow and hosts.deny approach. PC-B also has a partition with Windows XP Pro SP2 (fresh install, no other software which interacts with the system, firewall disabled).

    # iptables -L
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination

    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination

    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination

PC-A has rules to do port forwarding and rewriting:
- port 3333 => port 3306 @ 192.168.1.5;
- all ICMP => 192.168.1.5

Now the behaviour:
Case 1) when PC-B runs Windows
- from PC-B I'm able to ping IPs from internet, IPs from 192.168.0.0/24 and IPs from 192.168.1.0/24 networks
- if I launch the MySQL server on PC-B, I can connect to it from SRV (specifying host 192.168.0.4 and port 3333) and also from PC-A (netstat shows an established connection from 192.168.0.1 when SRV is connected using port forwarding and rewriting)
- from SRV I can ping PC-B

Case 2) when PC-B runs Arch Linux:
- from PC-B I'm able to ping IPs from internet, IPs from 192.168.1.0/24 and only the 192.168.0.4 IP, but not other IPs from 192.168.1.0/24 network
- if I launch the MySQL server on PC-B, I cannot connect to it from SRV (specifying host 192.168.0.4 and port 3333), only from PC-A

While doing all these tests, SRV and PC-A were running without changes or restarts or anything like that. They do their job correctly, and running Windows on PC-B proves this. I also did packet inspection with Wireshark and the packets are delivered to the Linux machine.

Now the question is what is wrong with the Linux machine? Why when running Windows everything works like it should, but when running Linux it doesn't?

My assumption is that something related to routes is missing.
Probably the system doesn't know how to respond to packets with the source IP = 192.168.0.1 (but why can it ping 192.168.0.4 in this case?).
The routes are:

    # ip route show
    192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.5
    default via 192.168.1.1 dev eth0
EEAA
Art84

1 Answer

0

Are you able to ssh 192.168.1.5? Did you allow 192.168.0.0/24 in hosts.allow?

192.168.1.1 is responsible for forwarding requests between 192.168.1.5 and 192.168.0.0/24, because as per the routes 192.168.1.1 is the gateway of your Linux box.

User4283
  • No, I can't use SSH either. It seems I can't use any service, be it ssh, mysql, http, ping, or others. Maybe a network monitoring tool (tcpdump? Does it intercept packets before ANY other process, firewalls, hosts.allow/deny, etc.?) could help me find out whether the packets arrive at PC-B. – Art84 Apr 11 '11 at 15:09
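
The route lookup the answer refers to can be reproduced offline from the `ip route show` output in the question. This is an added example, not part of the original posts: it applies a longest-prefix match to that routing table to show which next hop PC-B would use for a reply to each address in the diagram. The function names are hypothetical, and the parser is simplified to the key/value fields present in that output.

```python
import ipaddress

# Output of `ip route show` on PC-B, copied from the question.
IP_ROUTE_SHOW = """\
192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.5
default via 192.168.1.1 dev eth0
"""

def parse_routes(text):
    """Parse `ip route show` lines into dicts (simplified: key/value fields only)."""
    routes = []
    for line in text.splitlines():
        tokens = line.split()
        if not tokens:
            continue
        dest = "0.0.0.0/0" if tokens[0] == "default" else tokens[0]
        route = {"network": ipaddress.ip_network(dest),
                 "dev": None, "via": None, "src": None}
        rest = tokens[1:]  # pairs such as: dev eth0, via 192.168.1.1
        for key, value in zip(rest[0::2], rest[1::2]):
            if key in ("dev", "via", "src"):
                route[key] = value
        routes.append(route)
    return routes

def lookup(routes, destination):
    """Pick the matching route with the longest prefix, or None if unreachable."""
    addr = ipaddress.ip_address(destination)
    matches = [r for r in routes if addr in r["network"]]
    if not matches:
        return None
    return max(matches, key=lambda r: r["network"].prefixlen)

def next_hop(routes, destination):
    """Return (next-hop IP, device); an on-link destination is its own next hop."""
    route = lookup(routes, destination)
    if route is None:
        return None
    return (route["via"] or destination, route["dev"])

if __name__ == "__main__":
    routes = parse_routes(IP_ROUTE_SHOW)
    # Addresses taken from the diagram in the question.
    for dst in ("192.168.1.1", "192.168.0.4", "192.168.0.1", "95.12.34.56"):
        print(f"{dst:>12} -> {next_hop(routes, dst)}")
```

On the live machine, `ip route get 192.168.0.1` reports the kernel's own decision for the same destination.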