ping naar firewall
Ergens stond er nog: "iedereen moet de firewall kunnen pingen ..."
... en dat waren we nog vergeten
Dat kunnen we éénvoudig in de INPUT chain stoppen met de volgende regel ...
iptables -vA INPUT -p ICMP -j ACCEPT
pingen lukt nu van binnen en van buiten:
WEB101:~$ ping 192.168.200.254
PING 192.168.200.254 (192.168.200.254) 56(84) bytes of data.
64 bytes from 192.168.200.254: icmp_seq=1 ttl=64 time=0.699 ms
64 bytes from 192.168.200.254: icmp_seq=2 ttl=64 time=0.706 ms
^C
--- 192.168.200.254 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.699/0.702/0.706/0.026 ms
clt-ub16-nat10-104:~$ ping 10.104.200.254
PING 10.104.200.254 (10.104.200.254) 56(84) bytes of data.
64 bytes from 10.104.200.254: icmp_seq=1 ttl=64 time=0.856 ms
64 bytes from 10.104.200.254: icmp_seq=2 ttl=64 time=0.862 ms
^C
--- 10.104.200.254 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.856/0.859/0.862/0.003 ms