LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (http://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Linux box with eth0 to cable modem and eth1 to Windows box (http://www.linuxquestions.org/questions/linux-networking-3/linux-box-with-eth0-to-cable-modem-and-eth1-to-windows-box-253821/)

videojeff 11-11-2004 06:48 PM

Linux box with eth0 to cable modem and eth1 to Windows box
 
After two days of searching the net, this forum, man pages and the few people I know who could possibly help me, I'm here to lie prostrate at the mercy of those who frequent this forum. Here's my situation:

Distro: Mepis (Debian based)

I have a linux box with NICs, eth0 and eth1.

eth0 is connected to my cable modem and comes up fine. I get to the net with no problem, which is how I am able to post to this forum, as I speak (type) this.

On boot, eth1 doesn't come up automatically (don't know if it should), but if I bring it up manually, it seems to work fine, so I'm trying to configure it to connect to my Windows machine.

I am not clever enough to get the routing set up correctly so that I can use my Windows machine via a route through the linux machine. I have gotten so far as to be able to ping all over the place, but it's been with all manually assigned addresses, and I know that DNS isn't getting set up right on the Windows machine either. And furthermore, I've not gotten the routing working well enough that I can do any more than the pings.

So--Here is what I'm hoping to do:

My eth0 gets an address via DHCP from my ISP (charter.net) with no problem. I would like to get things working so that eth0 continues to come up as it does, that eth1 then gets an address from my local linux box, and that my Windows machine also gets an address from the linux box, and then the Windows machine should be able to have internet access again and I can start my migration away from it. :)

Here is what I have so far, but be gentle with me. I know that things are screwed up, but I will point out what I know is working correctly. Then you can commence to point out what I did wrong:

Note: eth0 comes up automatically and seems to be fine. The ISP assigns the address via DHCP...
Code:

root@0[/]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:A0:CC:32:C5:48
          inet addr:68.119.0.72  Bcast:255.255.255.255  Mask:255.255.254.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:221125 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8933 errors:1 dropped:0 overruns:0 carrier:2
          collisions:306 txqueuelen:1000
          RX bytes:22068041 (21.0 MiB)  TX bytes:1129603 (1.0 MiB)
          Interrupt:9 Base address:0x1400

eth0:1    Link encap:Ethernet  HWaddr 00:A0:CC:32:C5:48
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.254
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:9 Base address:0x1400

eth1      Link encap:Ethernet  HWaddr 00:50:04:21:11:E4
          inet addr:192.168.1.10  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:497 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:32671 (31.9 KiB)  TX bytes:2052 (2.0 KiB)
          Interrupt:11 Base address:0x1080

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:135 errors:0 dropped:0 overruns:0 frame:0
          TX packets:135 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:7723 (7.5 KiB)  TX bytes:7723 (7.5 KiB)

The eth0:1 is an interface that I added, thinking that I would need it for traffic to get from eth1 to eth0. I added the interface on eth1 as well (192... etc.) Doing the routing is where I get messed up ( see below):
Code:

root@0[/]# netstat -r
Kernel IP routing table
Destination    Gateway        Genmask        Flags  MSS Window  irtt Iface
192.168.1.0    *              255.255.255.254 U        0 0          0 eth0
192.168.1.0    *              255.255.255.0  U        0 0          0 eth1
68.119.0.0      *              255.255.254.0  U        0 0          0 eth0
default        68-119-0-1.wa.c 0.0.0.0        UG        0 0          0 eth0

The last two lines came up automatically when eth0 came up. I believe that the second line appeared automatically when I added eth0:1, but I could be wrong. I might have added it ... The crux of my problem is that although I understand basically what has to happen in the routing theory, I'm not getting it to work in practice. I think that understanding the nomenclature of "netstat -r", and some of the finer details will come with help from this forum.

As an aside, believe it or not, I was a level 3 tech support person for two years with a big networking company, but it was several years ago and I've simply been purging my brain of the whole experience ever since. Unfortunately, I have overpurged and can't seem to do even the simplest of networking tasks now. Help!

Will be watching closely for a reply. Thank you.
--Jeff

CroMagnon 11-11-2004 07:14 PM

OK, you don't need that eth0:1 setup - I would get rid of it altogether as it might complicate things. For the bootup problem, check your /etc/network/interfaces file and make sure eth1 is listed on the 'auto' line (ie: auto lo eth0 eth1).

Next, make sure you have IP forwarding enabled ("cat /proc/sys/net/ipv4/ip_forward" should print 1... if it doesn't, add "ip_forward=yes" to your /etc/network/options file, then reboot or do "echo 1 > /proc/sys/net/ipv4/ip_forward" for immediate results).

Next you need to setup your DHCP server, but I would skip this step and manually configure the windows machine to test the connection - once the basics are working, you can worry about dynamic configuration. Set your Windows box to IP 192.168.1.200, using a gateway of 192.168.1.10 (also add your DNS servers) and see if everything works as expected. With this straightforward config, you should have no trouble accessing the net.

If this works, your next priority should be a basic firewall script - check google, as there are much better people than me to get this from.

Once all this is done, you can look into configuring dhcpd to assign the IP configuration to your local network. The docs and examples are very useful and easy to understand, and you should be able to edit a single config file to make this work.

videojeff 11-12-2004 12:36 AM

CroMagnon: Thanks for the quick reply.

I got rid of the eth0:1 as you suggest. But how does traffic on the 192 network get to the default gateway that is setup automatically on eth0? Excuse my lame questions.

IP forwarding wasn't on. I turned that on. I think that's a biggy that I just didn't have in my head anymore. My /etc/network/interfaces looks like this (is this generated automatically, because it looks a lot like the numbers I pulled out of my ear when I started this?):
Code:

# /etc/network/interfaces -- configuration file for if
up(8), ifdown(8)

auto lo
iface lo inet loopback

# DO NOT EDIT BELOW THIS LINE
auto eth0
iface eth0 inet dhcp
  address 192.168.0.10
  netmask 255.255.255.0
  broadcast 192.168.0.255
  gateway 192.168.0.1
 #wireless_essid any
 #wireless_mode Managed
 #wireless_freq 0
 #wireless_nwid none
 #wireless_key off
auto eth1
iface eth1 inet dhcp
  address 192.168.0.15
  netmask 255.255.255.0
  broadcast 192.168.0.255
  gateway 192.168.0.1
 #wireless_essid any
 #wireless_mode Managed
 #wireless_freq 0
 #wireless_nwid none
 #wireless_key off
#auto ath0
iface ath0 inet dhcp
  address 192.168.0.15
  netmask 255.255.255.0
  broadcast 192.168.0.255
  gateway 192.168.0.1
 #wireless_essid any
 #wireless_mode Managed
 #wireless_freq 0
 #wireless_nwid none
 #wireless_key off
#auto wlan0
iface wlan0 inet dhcp
  address 192.168.0.15
  netmask 255.255.255.0
  broadcast 192.168.0.255
  gateway 192.168.0.1
 #wireless_essid any
 #wireless_mode Managed
 #wireless_freq 0
 #wireless_nwid none
 #wireless_key off
# DO NOT EDIT ABOVE THIS LINE

Oh, and Mepis automatically set up Guarddog, and it seems to be doing a fine job as a firewall.

I will work with the info that you provided, but if you can address the above, that will be another step in the right direction. Especially the DHCP issue(s) because I'd like to get this box set up so that I don't have to mess with addresses. Even though I just have one machine right now, I plan to add a few more around the house as I get more Linux involved. Thanks for the help so far!

--Jeff

CroMagnon 11-12-2004 01:17 AM

Quote:

But how does traffic on the 192 network get to the default gateway that is setup automatically on eth0? Excuse my lame questions.
Your windows machine generates a packet for (say) 202.202.202.202. It doesn't know where to send it, so it sends it to it's default gateway - your linux box. The linux box doesn't know where to send it either, so it sends it to its own default gateway (the machine at your ISP). Once you get to this point, it doesn't matter anymore - your packet is on the internet and someone else's problem :)

As for eth1 and dhcp, just install dhcpd (if it's not already installed) and follow the directions. If you don't have man pages for dhcpd.conf, look here http://www.zevils.com/cgi-bin/man/man2html?dhcpd.conf+5. Oh, also you don't want eth1 to actually BE dhcp - you have to give it an IP, but that's not a big deal, and it will only be the one time. It's best to have your server or router on a static IP anyway.

Darin 11-12-2004 01:43 AM

Re: Linux box with eth0 to cable modem and eth1 to Windows box
 
Quote:

Originally posted by videojeff
root@0[/]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:A0:CC:32:C5:48
inet addr:68.119.0.72 Bcast:255.255.255.255 Mask:255.255.254.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

...

root@0[/]# netstat -r
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.1.0 * 255.255.255.254 U 0 0 0 eth0
192.168.1.0 * 255.255.255.0 U 0 0 0 eth1
68.119.0.0 * 255.255.254.0 U 0 0 0 eth0
default 68-119-0-1.wa.c 0.0.0.0 UG 0 0 0 eth0
...

so eth0 gets an IP address from your ISP, it should not have a 192.168.1.xxx address also, looks like you were in some sort of configuration tool and added that in, judging by your /etc/network/interfaces file. Go back in there and make sure there are no 192.168.1.xxx IP addresses tied to eth0 and only one tied to eth1. That should take the
192.168.1.0 * 255.255.255.254 U 0 0 0 eth0
line out of your route table. Packets wont get back to the other box if Linux thinks it can dump them out on eth0. I'm not sure what you have that is supposed to be 'ath0' and 'wlan0' but those also need to not have a 192.168.1.xxx IP address, if they are other interfaces that you want to talk to each other they need different subnets such as 192.168.2.xxx and 192.168.3.xxx. also, if you don't know what DNS to use on the other machine just type as root, 'cat /etc/resolv.conf' when The Internet is working and use those addresses for DNS servers on the other machine for now.

videojeff 11-13-2004 01:48 AM

Wow-- Thanks to Cromagnon and Darin for your input so far. This problem just keeps getting deeper. I'm not sure just where to comment next.

Well, I did set things up as you suggested, CroMagnon, and although I can get to where I am pinging everywhere just fine, my Windows machine still can't get anywhere. I'm not sure just where it's falling down.

Darin: I believe that those lines from /etc/network/interfaces were indeed created by the Mepis System Center (?) application. It doesn't seem to be helping me out much. Anyway, I've stopped using it and made my own changes to /etc/network/interfaces. It should just be trying to bring up eth0, then later eth1. When I boot, eth0 does come up properly, but see below for my problems on eth1.

I do see that when it's booting, it gives me a message along the lines of "DHCP failed to start". I also got to playing with ifup (I think it was), and tracing through the scripts that it calls (I'm a bit new to this, but have extensive experience with MS-DOS batch files, so I'm learning quickly), and see that "pump -i eth1" fails as well. I don't know if those are related failure messages. I'm not yet real clear on where to find what error messages are logged where. And the errors that I see on the bootup are often very cryptic for me at this point.

So here is where I'm at:

IP_forward = 1
Had to bring up eth1 manually, but seemed to come 'up' without a problem. See below:
Code:

root@0[videojeff]# ifconfig eth1 192.168.1.10 up
root@0[videojeff]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:A0:CC:32:C5:48
          inet addr:68.119.0.72  Bcast:255.255.255.255  Mask:255.255.254.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:22186 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3137 errors:1 dropped:0 overruns:0 carrier:2
          collisions:81 txqueuelen:1000
          RX bytes:5573996 (5.3 MiB)  TX bytes:307024 (299.8 KiB)
          Interrupt:9 Base address:0x1400

eth1      Link encap:Ethernet  HWaddr 00:50:04:21:11:E4
          inet addr:192.168.1.10  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:25 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:2168 (2.1 KiB)  TX bytes:2112 (2.0 KiB)
          Interrupt:11 Base address:0x1080

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:3378 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3378 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:224942 (219.6 KiB)  TX bytes:224942 (219.6 KiB)

root@0[videojeff]# netstat -r
Kernel IP routing table
Destination    Gateway        Genmask        Flags  MSS Window  irtt Iface
192.168.1.0    *              255.255.255.0  U        0 0          0 eth1
68.119.0.0      *              255.255.254.0  U        0 0          0 eth0
default        68-119-0-1.wa.c 0.0.0.0        UG        0 0          0 eth0
root@0[videojeff]#

From the windows machine, I can ping 192.168.0.10, but can't ping 68.119.0.1 nor nor even .72, so pings aren't getting off eth1.

Any ideas why not?

You don't know how badly I want to get away from windows. I hate admitting it, but one thing about windows is that you really don't have to know much about what you're doing to get things up and running. I have attempted to move to Linux several times in the past, and always run into a problem like this and I cave in and go back to Windows. I'm close to doing that again, but this time I've invested quite a bit of time into it. If I can get connected with my two machines both having connectivity to the internet, and I can start moving my files over, I will start making every attempt to do my work on Linux when possible, and just switch back to Windows if I have to, until I can get weaned off completely.

Switching from Windows to Linux is like knowing full well that the drug you're on is killing you, but having to shoot up again anyway just to avoid the pain of withdrawal ...

--Jeff
P.S. As an aside, I'm using Mozilla, and I find it a bit disconcerting that every time I hit "Submit Reply" on my postings to this forum, Mozilla unceremoniously DISAPPEARS. On my previous posts, I was happy to find that when I logged back in, my post did make it in, but it's not giving me warm fuzzies. Anyone heard of that happening?

michaelk 11-13-2004 09:59 AM

Did you setup IP fowarding?
echo 1 > /proc/sys/net/ipv4/ip_forward

Did you set the gateway on the windows box to 192.168.1.10

Are you using DHCP or a static IP address on the windows box?
If using a static IP address be sure to add the DNS IP address in the windows box the same as the /etc/resolv.conf on the linux box.

And are you running any type of firewall on the linux box? If so be sure to allow traffic from eth1

videojeff 11-13-2004 02:47 PM

Quote:

Originally posted by michaelk
Did you setup IP fowarding?
echo 1 > /proc/sys/net/ipv4/ip_forward
Yes
Quote:

Did you set the gateway on the windows box to 192.168.1.10
Yes
Quote:

Are you using DHCP or a static IP address on the windows box?
Just static addresses until I can get it to even limp out to the internet. Then I'll try to tackle DHCP.
Quote:

If using a static IP address be sure to add the DNS IP address in the windows box the same as the /etc/resolv.conf on the linux box.
Did that.
Quote:

And are you running any type of firewall on the linux box? If so be sure to allow traffic from eth1
As for DHCP, one thing that I noticed as I was booting this morning, is that it does hang up for a bit where it says "Configuring network interfaces", and I'm sure that is where it is failing with the "pump -i eth1". Then I see that later in the bootup, it says "Starting DHCP-- failed". I've got a strong suspicion that this is my whole problem. Maybe someone can comment on this theory: The bootup doesn't start a local DHCP server until later. But when it's trying to bring up interfaces, it hasn't brought up a local DHCP server yet, so the requests go to my ISP, who doesn't allow that (?) because I'm only paying for one connection-- Then when DHCP tries to come up...well, that's where I'm stuck right now. I think I need to dig into the dhcpd.conf file more. Haven't touched that at all. Mostly because I don't understand how that relates to pump. Does pump use dhcpd.conf?

exvor 11-13-2004 04:54 PM

what Distro are you using ?

I have a similar setup and i do have a dns/dhcp server running. <-- this simplifies things


slackware has an exelent small dns/dhcp server that will make your life better when setting that up ill post it later when i get home and can look at it.


Getting back to your issue.

1. setup dhcp for your eth0

do not setup dhcp for your eth1

use 192.168.0.1 for eth1
Code:

root@computername# ifconfig eth1 192.168.0.1 netmask 255.255.255.0 up

then go to windows and set the ip for 192.168.0.2 and the netmask to 255.255.255.0 dont worry about the stupid gateway for now considering you need to get local crap working first.


ping the linux box 192.168.0.1 from windows command line
Code:

C:/supiddirecotry>ping 192.168.0.1
if thats working then communications is working


then go back to linux and get a firewall/routeing script

there is one called firegate that is ultra ez to get working and understand <-- im stupid about iptables and even i could get this working here :)

after you run the script it will setup everything as far as nat goes to route packets properly.

then go back to windows and add 192.168.0.1 to the gateway and for now your isps dns servers <-- untill you get a dns/dhcp server but honestly if this computer is gonna be the only one connected to the server then in reality this would be over complicating it.

videojeff 11-13-2004 06:05 PM

exvor: Thanks for the comments. My replies:

Quote:

Originally posted by exvor
what Distro are you using ?
Mepis (Debian based--see previous posts)

Quote:

...then go to windows and set the ip for 192.168.0.2 and the netmask to 255.255.255.0 dont worry about the stupid gateway for now considering you need to get local crap working first. <snip>

if thats working then communications is working
That's the thing (see previous posts)--I'm getting through in the 192 network just fine.
Quote:

then go back to linux and get a firewall/routeing script
I have a good firewall working, and in fact I've taken it up and down at times to see if that is causing part of the problem, but doesn't seem to be the cause of the interferrence.
Quote:

...if this computer is gonna be the only one connected to the server then in reality this would be over complicating it.
I agree. But I hope to have a number of computers on this network in the near future. I'd be happy to get it set up with static entries right now, but would like to have it automated, ultimately.

Darin 11-14-2004 06:01 AM

This is something dumb that we do in testing and is not reccomended as a permenant fix, but to take the firewall out of the equation (iptables is the firewall, things like firegate are just interfaces for iptables) type as root, 'iptables --flush' which clears all firewall rules then see if it works. If so then all you need is a good IPTables script, or maybe find the one your distro is running and see if it can be fixed. The script might have variables set at the top for INTERNAL and EXTERNAL and you can set internal to eth1 and external to eth0, if not then you will need iptables expertise beyond mine :(

norbi99 11-14-2004 09:50 AM

Sorry, I have no time to read the all the posts, but here is my setup an what I did:

WinXp
ip: 192.168.1.2
default GW 192.168.1.1 ( linux box IP)
DNS: the ip of the ISP DNS.

Linux box (RedHat 9)

eth0 : DHCP connected to the cable modem
eth1: ip 192.168.1.1

and I use ip table script from this web page:
http://www.rocky.molphys.leidenuniv.nl/

It is easy to configure.

hope this helped

N.

CroMagnon 11-14-2004 06:37 PM

Another thing that occurs to me is that you might need to enable masquerading. I have been thinking of your cable modem as a router (like most external DSL routers) that handle NAT, but a cable modem might not be such a beast (cable is not an option where I am, so I've never even seen a cable modem... I'm sure there are both types)

I'm also a bit confused about the fact that you said you can ping everything - if you can ping a webserver successfully, you should be able to get a web page from it too. What have you been able to ping?

The best tests are these (on the windows machine):
ping www.yahoo.com - does it resolve to an IP, and if so does it reply?
If it doesn't resolve, can you ping 66.94.230.49 successfully?

videojeff 11-14-2004 11:25 PM

CroMagnon: Sorry about my unclear statement about pinging everywhere. What I mean is this:

On the linux box, I can ping anything, anywhere. I can ping www.yahoo.com, I can ping the gateways, I can ping the interfaces. I can ping the windows box.

On the windows box, it can ping itself, of course (192.168.1.200) and can ping to eth1 (192.168.1.10) on the linux box, but can't ping anything else. I www.yahoo.com doesn't resolve and using the ip address directly doesn't work either.

I have to admit, I hadn't thought about the possibility that my firewall wasn't actually completely out of the picture when I was shutting down guarddog. I would occassionally shut it down completely for just a few seconds to pop back over to the windows box to see if the firewall was part of the problem. I did find, however, that there were occassions when shutting down guarddog DID help me get a ping to eth1, so that would lead me to adjusting some firewall settings. But nothing that I've done has gotten me to be able to ping to eth0, which has 68.119.0.72 (assigned via DHCP by the ISP). So I generally don't drop the firewall unless I'm feeling like I have done all I can with configuring, and think that it should work by now, so I'll drop the firewall and give it another ping, but it has rarely made a difference.

My brother and I were doing some long distance (me living in Washington NOT D.C. and him living in Virginia), and we're both wondering if some of this might be part of the problem...It's showing up in various logs with a pretty high frequency:
Code:

Nov 14 20:31:16 hightower kernel: DROPPED IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:05:9a:d2:90:5
4:08:00 SRC=10.211.96.1 DST=255.255.255.255 LEN=330 TOS=0x00 PREC=0x00 TTL=255 ID=51672 PROTO
=UDP SPT=67 DPT=68 LEN=310
Nov 14 20:31:17 hightower kernel: DROPPED IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:05:9a:d2:90:5
4:08:00 SRC=10.211.96.1 DST=255.255.255.255 LEN=330 TOS=0x00 PREC=0x00 TTL=255 ID=51684 PROTO
=UDP SPT=67 DPT=68 LEN=310
Nov 14 20:31:32 hightower kernel: DROPPED IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:05:9a:d2:90:5
4:08:00 SRC=10.211.96.1 DST=255.255.255.255 LEN=342 TOS=0x00 PREC=0x00 TTL=255 ID=51778 PROTO
=UDP SPT=67 DPT=68 LEN=322
Nov 14 20:31:32 hightower kernel: DROPPED IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:05:9a:d2:90:5
4:08:00 SRC=10.211.96.1 DST=255.255.255.255 LEN=342 TOS=0x00 PREC=0x00 TTL=255 ID=51779 PROTO
=UDP SPT=67 DPT=68 LEN=322
Nov 14 20:32:15 hightower kernel: DROPPED IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:05:9a:d2:90:5
4:08:00 SRC=172.29.46.25 DST=255.255.255.255 LEN=375 TOS=0x00 PREC=0x00 TTL=255 ID=52007 PROT
O=UDP SPT=67 DPT=68 LEN=355
Nov 14 20:32:20 hightower kernel: DROPPED IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:05:9a:d2:90:5
4:08:00 SRC=10.211.96.1 DST=255.255.255.255 LEN=375 TOS=0x00 PREC=0x00 TTL=255 ID=52034 PROTO
=UDP SPT=67 DPT=68 LEN=355

Having said that, I might also point out that I was playing a bit with Ethereal (having used NAI Sniffer Pro in my past life, but having forgotten much of it) and was annoyed to see tons and tons of arps, all coming from the same source, all to different destinations, in very much a sequential order. Doubt that it is related, but just as an aside, it irritates me to think that what I am seeing are people up to no good...

Darin: I will see if flushing iptables as you instructed does any good. If it does, I'll get back on immediately. If any time passes, you'll know I didn't get anywhere with it and will keep working on it and will update you when I learn more.

--Jeff

CroMagnon 11-14-2004 11:53 PM

Try flushing the firewall rules as Darin said, but also enable masquerading. I don't have masq enabled in my kernel (don't need it), but I think the command is like this:

iptables -A PREROUTING -t NAT -j MASQUERADE

Just use this for testing - if you can then ping properly from your Windows box, shut down the interface and bring it back up with the firewall intact and check for a decent masquerading firewall script (I can't remember specifics, but you only want to allow masquerading in one direction, and discard packets that appear to be local but actually come in via eth0, etc etc)


All times are GMT -5. The time now is 10:00 PM.