Step Eleven: Testing more MASQ functionality with DNS
As a last test, try browsing some 'INTERNET' WWW sites on one of your MASQ Client machines, and see if you can reach them. For example, access the Linux Documentation Project site at http://www.tldp.org. If you are successful in bringing up that page, you can be fairly certain that everything is working FINE! If some WWW or FTP sites have problems, where other sites seem to work just fine, see the next step for more ideas.
If you see The Linux Documentation Project homepage, then CONGRATULATIONS! It's working! If the WWW site comes up correctly, then all other standard network tools such as PING, TELNET, SSH, and with their related IP MASQ modules loaded: FTP, Real Audio, IRC DCCs, Quake I/II/III, CuSeeme, VDOLive, etc. should work fine too! If FTP, IRC, RealAudio, Quake I/II/III, etc. aren't working or are performing poorly, verify that their associated Masquerading modules are loaded by running "lsmod" and also be sure you are loading the module with any non-default server ports. If you don't see your needed module, make sure your /etc/rc.d/rc.firewall-* script is loading them (i.e. remove the # character for a given IP MASQ module).