Step Seven: Testing external MASQ ICMP forwarding
From an internal MASQed computer, now ping a static TCP/IP address (NOT a
machine by DNS name) out on the Internet (i.e. ping
152.19.254.81 (this technically the DNS name "metalab.unc.edu" which
is home of MetaLabs' Linux Archive). If this works, it should look something
like the result below and this ultimately shows that ICMP Masquerading is
working properly. (hit Control-C to abort the ping):
-------------------------------------
masq-client# ping 152.2.254.81
PING 12.13.14.15 (152.2.254.81): 56 data bytes
64 bytes from 152.2.254.81: icmp_seq=0 ttl=255 time=133.4 ms
64 bytes from 152.2.254.81: icmp_seq=1 ttl=255 time=132.5 ms
64 bytes from 152.2.254.81: icmp_seq=2 ttl=255 time=128.8 ms
64 bytes from 152.2.254.81: icmp_seq=3 ttl=255 time=132.2 ms
^C
--- 152.2.254.81 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 128.8/131.7/133.4 ms
------------------------------------- |
If it didn't work, again check your Internet connection. If this still
doesn't work, make sure you are using the simple rc.firewall ruleset and that
you have ICMP Masqurading compiled into the Linux kernel. Finally, make sure
that the ruleset which enables IP MASQ is pointing to the correct EXTERNAL
interface.