LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 11-11-2004, 06:48 PM   #1
videojeff
LQ Newbie
 
Registered: Nov 2004
Location: Kennewick, WA, USA
Distribution: Debian/Mepis
Posts: 8

Rep: Reputation: 0
Linux box with eth0 to cable modem and eth1 to Windows box


After two days of searching the net, this forum, man pages and the few people I know who could possibly help me, I'm here to lie prostrate at the mercy of those who frequent this forum. Here's my situation:

Distro: Mepis (Debian based)

I have a linux box with NICs, eth0 and eth1.

eth0 is connected to my cable modem and comes up fine. I get to the net with no problem, which is how I am able to post to this forum, as I speak (type) this.

On boot, eth1 doesn't come up automatically (don't know if it should), but if I bring it up manually, it seems to work fine, so I'm trying to configure it to connect to my Windows machine.

I am not clever enough to get the routing set up correctly so that I can use my Windows machine via a route through the linux machine. I have gotten so far as to be able to ping all over the place, but it's been with all manually assigned addresses, and I know that DNS isn't getting set up right on the Windows machine either. And furthermore, I've not gotten the routing working well enough that I can do any more than the pings.

So--Here is what I'm hoping to do:

My eth0 gets an address via DHCP from my ISP (charter.net) with no problem. I would like to get things working so that eth0 continues to come up as it does, that eth1 then gets an address from my local linux box, and that my Windows machine also gets an address from the linux box, and then the Windows machine should be able to have internet access again and I can start my migration away from it.

Here is what I have so far, but be gentle with me. I know that things are screwed up, but I will point out what I know is working correctly. Then you can commence to point out what I did wrong:

Note: eth0 comes up automatically and seems to be fine. The ISP assigns the address via DHCP...
Code:
root@0[/]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:A0:CC:32:C5:48
          inet addr:68.119.0.72  Bcast:255.255.255.255  Mask:255.255.254.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:221125 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8933 errors:1 dropped:0 overruns:0 carrier:2
          collisions:306 txqueuelen:1000
          RX bytes:22068041 (21.0 MiB)  TX bytes:1129603 (1.0 MiB)
          Interrupt:9 Base address:0x1400

eth0:1    Link encap:Ethernet  HWaddr 00:A0:CC:32:C5:48
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.254
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:9 Base address:0x1400

eth1      Link encap:Ethernet  HWaddr 00:50:04:21:11:E4
          inet addr:192.168.1.10  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:497 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:32671 (31.9 KiB)  TX bytes:2052 (2.0 KiB)
          Interrupt:11 Base address:0x1080

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:135 errors:0 dropped:0 overruns:0 frame:0
          TX packets:135 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:7723 (7.5 KiB)  TX bytes:7723 (7.5 KiB)
The eth0:1 is an interface that I added, thinking that I would need it for traffic to get from eth1 to eth0. I added the interface on eth1 as well (192... etc.) Doing the routing is where I get messed up ( see below):
Code:
root@0[/]# netstat -r
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.1.0     *               255.255.255.254 U         0 0          0 eth0
192.168.1.0     *               255.255.255.0   U         0 0          0 eth1
68.119.0.0      *               255.255.254.0   U         0 0          0 eth0
default         68-119-0-1.wa.c 0.0.0.0         UG        0 0          0 eth0
The last two lines came up automatically when eth0 came up. I believe that the second line appeared automatically when I added eth0:1, but I could be wrong. I might have added it ... The crux of my problem is that although I understand basically what has to happen in the routing theory, I'm not getting it to work in practice. I think that understanding the nomenclature of "netstat -r", and some of the finer details will come with help from this forum.

As an aside, believe it or not, I was a level 3 tech support person for two years with a big networking company, but it was several years ago and I've simply been purging my brain of the whole experience ever since. Unfortunately, I have overpurged and can't seem to do even the simplest of networking tasks now. Help!

Will be watching closely for a reply. Thank you.
--Jeff

Last edited by videojeff; 11-13-2004 at 02:08 AM.
 
Old 11-11-2004, 07:14 PM   #2
CroMagnon
Member
 
Registered: Sep 2004
Location: New Zealand
Distribution: Debian
Posts: 900

Rep: Reputation: 33
OK, you don't need that eth0:1 setup - I would get rid of it altogether as it might complicate things. For the bootup problem, check your /etc/network/interfaces file and make sure eth1 is listed on the 'auto' line (ie: auto lo eth0 eth1).

Next, make sure you have IP forwarding enabled ("cat /proc/sys/net/ipv4/ip_forward" should print 1... if it doesn't, add "ip_forward=yes" to your /etc/network/options file, then reboot or do "echo 1 > /proc/sys/net/ipv4/ip_forward" for immediate results).

Next you need to setup your DHCP server, but I would skip this step and manually configure the windows machine to test the connection - once the basics are working, you can worry about dynamic configuration. Set your Windows box to IP 192.168.1.200, using a gateway of 192.168.1.10 (also add your DNS servers) and see if everything works as expected. With this straightforward config, you should have no trouble accessing the net.

If this works, your next priority should be a basic firewall script - check google, as there are much better people than me to get this from.

Once all this is done, you can look into configuring dhcpd to assign the IP configuration to your local network. The docs and examples are very useful and easy to understand, and you should be able to edit a single config file to make this work.
 
Old 11-12-2004, 12:36 AM   #3
videojeff
LQ Newbie
 
Registered: Nov 2004
Location: Kennewick, WA, USA
Distribution: Debian/Mepis
Posts: 8

Original Poster
Rep: Reputation: 0
CroMagnon: Thanks for the quick reply.

I got rid of the eth0:1 as you suggest. But how does traffic on the 192 network get to the default gateway that is setup automatically on eth0? Excuse my lame questions.

IP forwarding wasn't on. I turned that on. I think that's a biggy that I just didn't have in my head anymore. My /etc/network/interfaces looks like this (is this generated automatically, because it looks a lot like the numbers I pulled out of my ear when I started this?):
Code:
# /etc/network/interfaces -- configuration file for if
up(8), ifdown(8)

auto lo
iface lo inet loopback

# DO NOT EDIT BELOW THIS LINE
auto eth0
iface eth0 inet dhcp
  address 192.168.0.10
  netmask 255.255.255.0
  broadcast 192.168.0.255
  gateway 192.168.0.1
 #wireless_essid any
 #wireless_mode Managed
 #wireless_freq 0
 #wireless_nwid none
 #wireless_key off
auto eth1
iface eth1 inet dhcp
  address 192.168.0.15
  netmask 255.255.255.0
  broadcast 192.168.0.255
  gateway 192.168.0.1
 #wireless_essid any
 #wireless_mode Managed
 #wireless_freq 0
 #wireless_nwid none
 #wireless_key off
#auto ath0
iface ath0 inet dhcp
  address 192.168.0.15
  netmask 255.255.255.0
  broadcast 192.168.0.255
  gateway 192.168.0.1
 #wireless_essid any
 #wireless_mode Managed
 #wireless_freq 0
 #wireless_nwid none
 #wireless_key off
#auto wlan0
iface wlan0 inet dhcp
  address 192.168.0.15
  netmask 255.255.255.0
  broadcast 192.168.0.255
  gateway 192.168.0.1
 #wireless_essid any
 #wireless_mode Managed
 #wireless_freq 0
 #wireless_nwid none
 #wireless_key off
# DO NOT EDIT ABOVE THIS LINE
Oh, and Mepis automatically set up Guarddog, and it seems to be doing a fine job as a firewall.

I will work with the info that you provided, but if you can address the above, that will be another step in the right direction. Especially the DHCP issue(s) because I'd like to get this box set up so that I don't have to mess with addresses. Even though I just have one machine right now, I plan to add a few more around the house as I get more Linux involved. Thanks for the help so far!

--Jeff

Last edited by videojeff; 11-13-2004 at 02:06 AM.
 
Old 11-12-2004, 01:17 AM   #4
CroMagnon
Member
 
Registered: Sep 2004
Location: New Zealand
Distribution: Debian
Posts: 900

Rep: Reputation: 33
Quote:
But how does traffic on the 192 network get to the default gateway that is setup automatically on eth0? Excuse my lame questions.
Your windows machine generates a packet for (say) 202.202.202.202. It doesn't know where to send it, so it sends it to it's default gateway - your linux box. The linux box doesn't know where to send it either, so it sends it to its own default gateway (the machine at your ISP). Once you get to this point, it doesn't matter anymore - your packet is on the internet and someone else's problem

As for eth1 and dhcp, just install dhcpd (if it's not already installed) and follow the directions. If you don't have man pages for dhcpd.conf, look here http://www.zevils.com/cgi-bin/man/man2html?dhcpd.conf+5. Oh, also you don't want eth1 to actually BE dhcp - you have to give it an IP, but that's not a big deal, and it will only be the one time. It's best to have your server or router on a static IP anyway.
 
Old 11-12-2004, 01:43 AM   #5
Darin
Senior Member
 
Registered: Jan 2003
Location: Portland, OR USA
Distribution: Slackware, SLAX, Gentoo, RH/Fedora
Posts: 1,024

Rep: Reputation: 45
Re: Linux box with eth0 to cable modem and eth1 to Windows box

Quote:
Originally posted by videojeff
root@0[/]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:A0:CC:32:C5:48
inet addr:68.119.0.72 Bcast:255.255.255.255 Mask:255.255.254.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

...

root@0[/]# netstat -r
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.1.0 * 255.255.255.254 U 0 0 0 eth0
192.168.1.0 * 255.255.255.0 U 0 0 0 eth1
68.119.0.0 * 255.255.254.0 U 0 0 0 eth0
default 68-119-0-1.wa.c 0.0.0.0 UG 0 0 0 eth0
...
so eth0 gets an IP address from your ISP, it should not have a 192.168.1.xxx address also, looks like you were in some sort of configuration tool and added that in, judging by your /etc/network/interfaces file. Go back in there and make sure there are no 192.168.1.xxx IP addresses tied to eth0 and only one tied to eth1. That should take the
192.168.1.0 * 255.255.255.254 U 0 0 0 eth0
line out of your route table. Packets wont get back to the other box if Linux thinks it can dump them out on eth0. I'm not sure what you have that is supposed to be 'ath0' and 'wlan0' but those also need to not have a 192.168.1.xxx IP address, if they are other interfaces that you want to talk to each other they need different subnets such as 192.168.2.xxx and 192.168.3.xxx. also, if you don't know what DNS to use on the other machine just type as root, 'cat /etc/resolv.conf' when The Internet is working and use those addresses for DNS servers on the other machine for now.
 
Old 11-13-2004, 01:48 AM   #6
videojeff
LQ Newbie
 
Registered: Nov 2004
Location: Kennewick, WA, USA
Distribution: Debian/Mepis
Posts: 8

Original Poster
Rep: Reputation: 0
Wow-- Thanks to Cromagnon and Darin for your input so far. This problem just keeps getting deeper. I'm not sure just where to comment next.

Well, I did set things up as you suggested, CroMagnon, and although I can get to where I am pinging everywhere just fine, my Windows machine still can't get anywhere. I'm not sure just where it's falling down.

Darin: I believe that those lines from /etc/network/interfaces were indeed created by the Mepis System Center (?) application. It doesn't seem to be helping me out much. Anyway, I've stopped using it and made my own changes to /etc/network/interfaces. It should just be trying to bring up eth0, then later eth1. When I boot, eth0 does come up properly, but see below for my problems on eth1.

I do see that when it's booting, it gives me a message along the lines of "DHCP failed to start". I also got to playing with ifup (I think it was), and tracing through the scripts that it calls (I'm a bit new to this, but have extensive experience with MS-DOS batch files, so I'm learning quickly), and see that "pump -i eth1" fails as well. I don't know if those are related failure messages. I'm not yet real clear on where to find what error messages are logged where. And the errors that I see on the bootup are often very cryptic for me at this point.

So here is where I'm at:

IP_forward = 1
Had to bring up eth1 manually, but seemed to come 'up' without a problem. See below:
Code:
root@0[videojeff]# ifconfig eth1 192.168.1.10 up
root@0[videojeff]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:A0:CC:32:C5:48
          inet addr:68.119.0.72  Bcast:255.255.255.255  Mask:255.255.254.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:22186 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3137 errors:1 dropped:0 overruns:0 carrier:2
          collisions:81 txqueuelen:1000
          RX bytes:5573996 (5.3 MiB)  TX bytes:307024 (299.8 KiB)
          Interrupt:9 Base address:0x1400

eth1      Link encap:Ethernet  HWaddr 00:50:04:21:11:E4
          inet addr:192.168.1.10  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:25 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:2168 (2.1 KiB)  TX bytes:2112 (2.0 KiB)
          Interrupt:11 Base address:0x1080

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:3378 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3378 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:224942 (219.6 KiB)  TX bytes:224942 (219.6 KiB)

root@0[videojeff]# netstat -r
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.1.0     *               255.255.255.0   U         0 0          0 eth1
68.119.0.0      *               255.255.254.0   U         0 0          0 eth0
default         68-119-0-1.wa.c 0.0.0.0         UG        0 0          0 eth0
root@0[videojeff]#
From the windows machine, I can ping 192.168.0.10, but can't ping 68.119.0.1 nor nor even .72, so pings aren't getting off eth1.

Any ideas why not?

You don't know how badly I want to get away from windows. I hate admitting it, but one thing about windows is that you really don't have to know much about what you're doing to get things up and running. I have attempted to move to Linux several times in the past, and always run into a problem like this and I cave in and go back to Windows. I'm close to doing that again, but this time I've invested quite a bit of time into it. If I can get connected with my two machines both having connectivity to the internet, and I can start moving my files over, I will start making every attempt to do my work on Linux when possible, and just switch back to Windows if I have to, until I can get weaned off completely.

Switching from Windows to Linux is like knowing full well that the drug you're on is killing you, but having to shoot up again anyway just to avoid the pain of withdrawal ...

--Jeff
P.S. As an aside, I'm using Mozilla, and I find it a bit disconcerting that every time I hit "Submit Reply" on my postings to this forum, Mozilla unceremoniously DISAPPEARS. On my previous posts, I was happy to find that when I logged back in, my post did make it in, but it's not giving me warm fuzzies. Anyone heard of that happening?

Last edited by videojeff; 11-13-2004 at 02:14 AM.
 
Old 11-13-2004, 09:59 AM   #7
michaelk
Moderator
 
Registered: Aug 2002
Posts: 11,969

Rep: Reputation: 752Reputation: 752Reputation: 752Reputation: 752Reputation: 752Reputation: 752Reputation: 752
Did you setup IP fowarding?
echo 1 > /proc/sys/net/ipv4/ip_forward

Did you set the gateway on the windows box to 192.168.1.10

Are you using DHCP or a static IP address on the windows box?
If using a static IP address be sure to add the DNS IP address in the windows box the same as the /etc/resolv.conf on the linux box.

And are you running any type of firewall on the linux box? If so be sure to allow traffic from eth1
 
Old 11-13-2004, 02:47 PM   #8
videojeff
LQ Newbie
 
Registered: Nov 2004
Location: Kennewick, WA, USA
Distribution: Debian/Mepis
Posts: 8

Original Poster
Rep: Reputation: 0
Quote:
Originally posted by michaelk
Did you setup IP fowarding?
echo 1 > /proc/sys/net/ipv4/ip_forward
Yes
Quote:
Did you set the gateway on the windows box to 192.168.1.10
Yes
Quote:
Are you using DHCP or a static IP address on the windows box?
Just static addresses until I can get it to even limp out to the internet. Then I'll try to tackle DHCP.
Quote:
If using a static IP address be sure to add the DNS IP address in the windows box the same as the /etc/resolv.conf on the linux box.
Did that.
Quote:
And are you running any type of firewall on the linux box? If so be sure to allow traffic from eth1
As for DHCP, one thing that I noticed as I was booting this morning, is that it does hang up for a bit where it says "Configuring network interfaces", and I'm sure that is where it is failing with the "pump -i eth1". Then I see that later in the bootup, it says "Starting DHCP-- failed". I've got a strong suspicion that this is my whole problem. Maybe someone can comment on this theory: The bootup doesn't start a local DHCP server until later. But when it's trying to bring up interfaces, it hasn't brought up a local DHCP server yet, so the requests go to my ISP, who doesn't allow that (?) because I'm only paying for one connection-- Then when DHCP tries to come up...well, that's where I'm stuck right now. I think I need to dig into the dhcpd.conf file more. Haven't touched that at all. Mostly because I don't understand how that relates to pump. Does pump use dhcpd.conf?

Last edited by videojeff; 11-13-2004 at 03:50 PM.
 
Old 11-13-2004, 04:54 PM   #9
exvor
Senior Member
 
Registered: Jul 2004
Location: Phoenix, Arizona
Distribution: LFS-Version SVN-20091202, Arch 2009.08
Posts: 1,488

Rep: Reputation: 67
what Distro are you using ?

I have a similar setup and i do have a dns/dhcp server running. <-- this simplifies things


slackware has an exelent small dns/dhcp server that will make your life better when setting that up ill post it later when i get home and can look at it.


Getting back to your issue.

1. setup dhcp for your eth0

do not setup dhcp for your eth1

use 192.168.0.1 for eth1
Code:
root@computername# ifconfig eth1 192.168.0.1 netmask 255.255.255.0 up

then go to windows and set the ip for 192.168.0.2 and the netmask to 255.255.255.0 dont worry about the stupid gateway for now considering you need to get local crap working first.


ping the linux box 192.168.0.1 from windows command line
Code:
C:/supiddirecotry>ping 192.168.0.1
if thats working then communications is working


then go back to linux and get a firewall/routeing script

there is one called firegate that is ultra ez to get working and understand <-- im stupid about iptables and even i could get this working here

after you run the script it will setup everything as far as nat goes to route packets properly.

then go back to windows and add 192.168.0.1 to the gateway and for now your isps dns servers <-- untill you get a dns/dhcp server but honestly if this computer is gonna be the only one connected to the server then in reality this would be over complicating it.
 
Old 11-13-2004, 06:05 PM   #10
videojeff
LQ Newbie
 
Registered: Nov 2004
Location: Kennewick, WA, USA
Distribution: Debian/Mepis
Posts: 8

Original Poster
Rep: Reputation: 0
exvor: Thanks for the comments. My replies:

Quote:
Originally posted by exvor
what Distro are you using ?
Mepis (Debian based--see previous posts)

Quote:
...then go to windows and set the ip for 192.168.0.2 and the netmask to 255.255.255.0 dont worry about the stupid gateway for now considering you need to get local crap working first. <snip>

if thats working then communications is working
That's the thing (see previous posts)--I'm getting through in the 192 network just fine.
Quote:
then go back to linux and get a firewall/routeing script
I have a good firewall working, and in fact I've taken it up and down at times to see if that is causing part of the problem, but doesn't seem to be the cause of the interferrence.
Quote:
...if this computer is gonna be the only one connected to the server then in reality this would be over complicating it.
I agree. But I hope to have a number of computers on this network in the near future. I'd be happy to get it set up with static entries right now, but would like to have it automated, ultimately.
 
Old 11-14-2004, 06:01 AM   #11
Darin
Senior Member
 
Registered: Jan 2003
Location: Portland, OR USA
Distribution: Slackware, SLAX, Gentoo, RH/Fedora
Posts: 1,024

Rep: Reputation: 45
This is something dumb that we do in testing and is not reccomended as a permenant fix, but to take the firewall out of the equation (iptables is the firewall, things like firegate are just interfaces for iptables) type as root, 'iptables --flush' which clears all firewall rules then see if it works. If so then all you need is a good IPTables script, or maybe find the one your distro is running and see if it can be fixed. The script might have variables set at the top for INTERNAL and EXTERNAL and you can set internal to eth1 and external to eth0, if not then you will need iptables expertise beyond mine
 
Old 11-14-2004, 09:50 AM   #12
norbi99
LQ Newbie
 
Registered: Oct 2004
Posts: 17

Rep: Reputation: 0
Sorry, I have no time to read the all the posts, but here is my setup an what I did:

WinXp
ip: 192.168.1.2
default GW 192.168.1.1 ( linux box IP)
DNS: the ip of the ISP DNS.

Linux box (RedHat 9)

eth0 : DHCP connected to the cable modem
eth1: ip 192.168.1.1

and I use ip table script from this web page:
http://www.rocky.molphys.leidenuniv.nl/

It is easy to configure.

hope this helped

N.
 
Old 11-14-2004, 06:37 PM   #13
CroMagnon
Member
 
Registered: Sep 2004
Location: New Zealand
Distribution: Debian
Posts: 900

Rep: Reputation: 33
Another thing that occurs to me is that you might need to enable masquerading. I have been thinking of your cable modem as a router (like most external DSL routers) that handle NAT, but a cable modem might not be such a beast (cable is not an option where I am, so I've never even seen a cable modem... I'm sure there are both types)

I'm also a bit confused about the fact that you said you can ping everything - if you can ping a webserver successfully, you should be able to get a web page from it too. What have you been able to ping?

The best tests are these (on the windows machine):
ping www.yahoo.com - does it resolve to an IP, and if so does it reply?
If it doesn't resolve, can you ping 66.94.230.49 successfully?
 
Old 11-14-2004, 11:25 PM   #14
videojeff
LQ Newbie
 
Registered: Nov 2004
Location: Kennewick, WA, USA
Distribution: Debian/Mepis
Posts: 8

Original Poster
Rep: Reputation: 0
CroMagnon: Sorry about my unclear statement about pinging everywhere. What I mean is this:

On the linux box, I can ping anything, anywhere. I can ping www.yahoo.com, I can ping the gateways, I can ping the interfaces. I can ping the windows box.

On the windows box, it can ping itself, of course (192.168.1.200) and can ping to eth1 (192.168.1.10) on the linux box, but can't ping anything else. I www.yahoo.com doesn't resolve and using the ip address directly doesn't work either.

I have to admit, I hadn't thought about the possibility that my firewall wasn't actually completely out of the picture when I was shutting down guarddog. I would occassionally shut it down completely for just a few seconds to pop back over to the windows box to see if the firewall was part of the problem. I did find, however, that there were occassions when shutting down guarddog DID help me get a ping to eth1, so that would lead me to adjusting some firewall settings. But nothing that I've done has gotten me to be able to ping to eth0, which has 68.119.0.72 (assigned via DHCP by the ISP). So I generally don't drop the firewall unless I'm feeling like I have done all I can with configuring, and think that it should work by now, so I'll drop the firewall and give it another ping, but it has rarely made a difference.

My brother and I were doing some long distance (me living in Washington NOT D.C. and him living in Virginia), and we're both wondering if some of this might be part of the problem...It's showing up in various logs with a pretty high frequency:
Code:
Nov 14 20:31:16 hightower kernel: DROPPED IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:05:9a:d2:90:5
4:08:00 SRC=10.211.96.1 DST=255.255.255.255 LEN=330 TOS=0x00 PREC=0x00 TTL=255 ID=51672 PROTO
=UDP SPT=67 DPT=68 LEN=310
Nov 14 20:31:17 hightower kernel: DROPPED IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:05:9a:d2:90:5
4:08:00 SRC=10.211.96.1 DST=255.255.255.255 LEN=330 TOS=0x00 PREC=0x00 TTL=255 ID=51684 PROTO
=UDP SPT=67 DPT=68 LEN=310
Nov 14 20:31:32 hightower kernel: DROPPED IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:05:9a:d2:90:5
4:08:00 SRC=10.211.96.1 DST=255.255.255.255 LEN=342 TOS=0x00 PREC=0x00 TTL=255 ID=51778 PROTO
=UDP SPT=67 DPT=68 LEN=322
Nov 14 20:31:32 hightower kernel: DROPPED IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:05:9a:d2:90:5
4:08:00 SRC=10.211.96.1 DST=255.255.255.255 LEN=342 TOS=0x00 PREC=0x00 TTL=255 ID=51779 PROTO
=UDP SPT=67 DPT=68 LEN=322
Nov 14 20:32:15 hightower kernel: DROPPED IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:05:9a:d2:90:5
4:08:00 SRC=172.29.46.25 DST=255.255.255.255 LEN=375 TOS=0x00 PREC=0x00 TTL=255 ID=52007 PROT
O=UDP SPT=67 DPT=68 LEN=355
Nov 14 20:32:20 hightower kernel: DROPPED IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:05:9a:d2:90:5
4:08:00 SRC=10.211.96.1 DST=255.255.255.255 LEN=375 TOS=0x00 PREC=0x00 TTL=255 ID=52034 PROTO
=UDP SPT=67 DPT=68 LEN=355
Having said that, I might also point out that I was playing a bit with Ethereal (having used NAI Sniffer Pro in my past life, but having forgotten much of it) and was annoyed to see tons and tons of arps, all coming from the same source, all to different destinations, in very much a sequential order. Doubt that it is related, but just as an aside, it irritates me to think that what I am seeing are people up to no good...

Darin: I will see if flushing iptables as you instructed does any good. If it does, I'll get back on immediately. If any time passes, you'll know I didn't get anywhere with it and will keep working on it and will update you when I learn more.

--Jeff

Last edited by videojeff; 11-14-2004 at 11:29 PM.
 
Old 11-14-2004, 11:53 PM   #15
CroMagnon
Member
 
Registered: Sep 2004
Location: New Zealand
Distribution: Debian
Posts: 900

Rep: Reputation: 33
Try flushing the firewall rules as Darin said, but also enable masquerading. I don't have masq enabled in my kernel (don't need it), but I think the command is like this:

iptables -A PREROUTING -t NAT -j MASQUERADE

Just use this for testing - if you can then ping properly from your Windows box, shut down the interface and bring it back up with the firewall intact and check for a decent masquerading firewall script (I can't remember specifics, but you only want to allow masquerading in one direction, and discard packets that appear to be local but actually come in via eth0, etc etc)
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Troubleshooting Slow Transfer Speed Between Linux Box and Windows Box timswim78 Linux - General 1 10-23-2005 11:45 AM
Windows XP box losing connection to Linux box after 30 sec. NeoZeus Linux - Networking 3 07-21-2005 12:02 AM
Transfairing files from windows xp box to mandrake linux 10.0 box. tyledogg Linux - Newbie 4 07-25-2004 11:24 PM
Linux box calling a batch script on a windows box to run? Is it possible? joelhop Programming 8 05-17-2004 04:49 PM
How do you import the view from a Linux box onto a Windows box? m1ska Linux - General 5 01-26-2004 06:19 PM


All times are GMT -5. The time now is 05:01 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration