ip tables question


rioguia
10-04-2002, 11:29 AM
i'm working on a home office dsl / smoothwall firewall / apache server / two pc network. i can't browse from the apache webserver's browser to the internet but i can ping all the way out to the internet gateway and beyond. my apache server is set up with a single nic 10.1.1.11 netmask 255.255.255.0. what am i missing? (after I solve this problem, i also want to set up a direct gateway from the dsl modem to the server nic. what is the best solution?)

Interfaces:

(FIREWALL TO LOCAL NETWORK 10 MB HUB)
eth0 Link encap:Ethernet HWaddr 00:60:B0:86:xx:7D
inet addr:10.1.1.1 Bcast:10.1.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2879 errors:0 dropped:0 overruns:0 frame:0
TX packets:5193 errors:0 dropped:0 overruns:0 carrier:0
collisions:12 txqueuelen:100
Interrupt:11 Base address:0xf4e0

(FIREWALL TO APACHE)
eth1 Link encap:Ethernet HWaddr 00:E0:29:xxC:31
inet addr:10.1.1.10 Bcast:10.1.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2 errors:0 dropped:0 overruns:0 frame:0
TX packets:1 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
Interrupt:11 Base address:0xfc00

(FIREWALL TO DSL MODEM)
eth2 Link encap:Ethernet HWaddr 00:50:BA:xx:3B:41
inet addr:xx.xxx.56.181 Bcast:xx.xxx.56.183 Mask:255.255.255.252
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5035 errors:0 dropped:0 overruns:0 frame:0
TX packets:2750 errors:0 dropped:0 overruns:0 carrier:0
collisions:2 txqueuelen:100
Interrupt:10 Base address:0xf800

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:1xx36 Metric:1
RX packets:4 errors:0 dropped:0 overruns:0 frame:0
TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0

Routing:

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
xx.xxx.56.180 0.0.0.0 255.255.255.252 U 0 0 0 eth2
10.1.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.1.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
0.0.0.0 xx.xxx.56.182 0.0.0.0 UG 0 0 0 eth2


Module Size Used by Not tainted
8139too 14888 2
pcnet32 14720 1
mii 1024 0 [8139too pcnet32]
ip_nat_ftp 3088 0 (unused)
ip_conntrack_ftp 3360 0 (unused)
ip_nat_irc 2384 0 (unused)
ip_conntrack_irc 2496 0 (unused)
ppp_async 6816 0 (unused)
ppp_synctty 5152 0 (unused)
ppp_generic 18656 0 [ppp_async ppp_synctty]
slhc 4592 0 [ppp_generic]

Kernel version:

Linux firewall 2.4.19 #11 Wed Aug 21 12:13:27 BST 2002 i586 unknown

Hayl
10-04-2002, 11:33 AM
what are the contents of the file: /etc/resolv.conf on the apache box?

rioguia
10-04-2002, 02:00 PM
thanks for the suggestion. that would explain the browser issue. i'll try it tonight and report back.

someone else pointed out another issue. i have two possible target nics in the network (the FIREWALL TO DSL MODEM (10.1.1.1) AND FIREWALL TO APACHE NIC 10.1.1.10).

to fix this, i'm also going to try renaming the Firewall to Apache Nic and the Apache NIC to give them a separate subnetwork like this: FIREWALL TO APACHE 10.1.10.1 and APACHE NIC TO FIREWALL 10.1.10.2.

Previously, I tried a completely different network for the apache nic (192.168.0.1 and 192.168.0.2) but found that this requires the kernel to be both a router and a bridge (which requires a kernel patch): http://linuxnewbie.org/forum/showthread.php?s&action=&threadid=67225 Can anyone tell me where I could find a good explanation of why you can have: (1) multiple subnets under 10.1.x.x or 192.168.x.x but (2) NOT two separate networks with 10.1.x.x and 192.168.x.x? I read the works referenced by the hyperlink above but didn't find the answer (or at least one that i could understand).
thanks.

rioguia
10-05-2002, 02:28 AM
re: etc/resolv.conf, i've been messing around with some of the gui network configuration interfaces and somehow i had edited my resolv.conf file without realizing it. thanks.

re: subnetwork issues, renaming the apache nic and firewall nic for apache did the trick. thanks.
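
Added example, not part of the original thread: a small Python check that reads a `route -n` style table and flags directly connected subnets that overlap on different interfaces, which is the eth0/eth1 situation posted above. The table text is constructed from the thread's output, with the masked public addresses replaced by the documentation range 203.0.113.0/24; the function names are made up for this example.

```python
import ipaddress
from itertools import combinations

# Constructed sample modelled on the routing table in the thread.
TEMPLATE = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref Use Iface
203.0.113.180   0.0.0.0         255.255.255.252 U     0      0   0   eth2
10.1.1.0        0.0.0.0         255.255.255.0   U     0      0   0   eth0
{eth1_net}      0.0.0.0         255.255.255.0   U     0      0   0   eth1
0.0.0.0         203.0.113.182   0.0.0.0         UG    0      0   0   eth2
"""
BEFORE = TEMPLATE.format(eth1_net="10.1.1.0")   # as originally posted
AFTER = TEMPLATE.format(eth1_net="10.1.10.0")   # after moving eth1 to 10.1.10.x

def parse_routes(text):
    """Return (network, gateway, iface) tuples from `route -n` style output."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 8:
            continue
        try:
            net = ipaddress.ip_network(f"{f[0]}/{f[2]}")
            gw = ipaddress.ip_address(f[1])
        except ValueError:
            continue  # header line or malformed entry
        routes.append((net, gw, f[7]))
    return routes

def find_conflicts(routes):
    """Pairs of directly connected networks that overlap on different interfaces."""
    connected = [(n, i) for n, gw, i in routes if gw.is_unspecified]
    return [(str(n1), i1, str(n2), i2)
            for (n1, i1), (n2, i2) in combinations(connected, 2)
            if i1 != i2 and n1.overlaps(n2)]

def candidate_ifaces(routes, dest):
    """Interfaces whose route is the longest-prefix match for dest.
    More than one result means the table alone cannot say where dest lives."""
    addr = ipaddress.ip_address(dest)
    matches = [(n.prefixlen, i) for n, _, i in routes if addr in n]
    if not matches:
        return []
    best = max(p for p, _ in matches)
    return sorted({i for p, i in matches if p == best})

if __name__ == "__main__":
    for label, table in (("before", BEFORE), ("after", AFTER)):
        print(label, find_conflicts(parse_routes(table)))
```
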