Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Security Week: July 28th, 2014
Linux Advisory Watch: July 25th, 2014
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Testing External MASQ server Internet connectivity

5.6. Testing External MASQ server Internet connectivity

  • Step Six: Testing external MASQ server to Internet connectivity

    From the MASQ server, ping the external IP address of the MASQ server's EXTERNAL network interface that is connected to the Internet. This address might be a Ethernet interface, a PPP interface, etc. connection to your ISP. If you don't know what this external IP address is, run the Linux command "/sbin/ifconfig" on the MASQ server itself to get the Internet address. The output should look something like the following (we are looking for the IP address of eth0):

    eth0      Link encap:Ethernet  HWaddr 00:08:C7:A4:CC:5B  
              inet addr:  Bcast:  Mask:
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:6108459 errors:0 dropped:0 overruns:0 frame:0
              TX packets:5422798 errors:8 dropped:0 overruns:0 carrier:8
              collisions:4675 txqueuelen:100 
              Interrupt:11 Base address:0xfcf0

    As you can see from the above, the external IP address is "" for this example. So, now that you have your IP address after running the "ipconfig" command, ping your external IP address. This will confirm that the MASQ server has full network connectivity. The output should look something like the following (hit Control-C to abort the ping):

    masq-server# ping
    PING ( 56 data bytes
    64 bytes from icmp_seq=0 ttl=255 time=0.8 ms
    64 bytes from icmp_seq=1 ttl=255 time=0.4 ms
    64 bytes from icmp_seq=2 ttl=255 time=0.4 ms
    64 bytes from icmp_seq=3 ttl=255 time=0.5 ms
    --- ping statistics ---
    4 packets transmitted, 4 packets received, 0% packet loss
    round-trip min/avg/max = 0.4/0.5/0.8 ms

    If either of these tests doesn't work, you need to go back and double check your network cabling and verify that the two network interfaces on the MASQ server are seen in "dmesg". An example of this output would be the following towards the END of the "dmesg" command:

    PPP: version 2.3.7 (demand dialling)
    TCP compression code copyright 1989 Regents of the University of California
    PPP line discipline registered.
    3c59x.c:v0.99H 11/17/98 Donald Becker
    eth0: 3Com 3c905 Boomerang 100baseTx at 0xfe80,  00:60:08:a7:4e:0e, IRQ 9
      8K word-wide RAM 3:5 Rx:Tx split, autoselect/MII interface.
      MII transceiver found at address 24, status 786f.
      Enabling bus-master transmits and whole-frame receives.
    eth1: 3Com 3c905 Boomerang 100baseTx at 0xfd80,  00:60:97:92:69:f8, IRQ 9
      8K word-wide RAM 3:5 Rx:Tx split, autoselect/MII interface.
      MII transceiver found at address 24, status 7849.
      Enabling bus-master transmits and whole-frame receives.
    Partition check:
     sda: sda1 sda2 < sda5 sda6 sda7 sda8 >

    Also be sure that the cabling is correct (Ethernet: the NICs connecting the external MASQ server to your ISP has the "link" light lit up). Finally, make sure that TCP/IP is correctly configured on the MASQed Server as described by the various Network HOWTOs (URLs can be found in the requirements section for your 2.4.x kernel in Section 2.6, 2.2.x kernel in Section 2.7, or 2.0.x kernel in Section 2.8).



Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Hackers Plundered Israeli Defense Firms that Built ‘Iron Dome’ Missile Defense System
Internet of things big security worry, says HP
Boffins build FREE SUPERCOMPUTER from free cloud server trials
Insecure Connections: Enterprises hacked after neglecting third-party risks
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.