Old 07-21-2005, 08:08 AM   #1
Palula
Member
 
Registered: May 2005
Location: Brazil
Distribution: Fedora Core 3
Posts: 138

Rep: Reputation: 15
Masquerade: route sent us somewhere else.


Hello!!!

I finished my firewall settings yesterday. Basically copied some (about 140) lines from other Iptables files and changed them to suit my needs.

I created a script and put it in the rc.local file for it to start automatically and looks like it's working fine... :-) But sometimes this message appears on the screen: Masquerade: route sent us somewhere else. Could anybody help me with what is triggering this message?

The second thing is that when I start my Firewall before the connection (mine is adsl) is up, I get this message on screen: Iptables v1.2.11: host/network 'login.icq.com' not found.
Try 'iptables -h' or 'iptables --help' for more information.
And when I start my PPP connection before the Firewall I don't get the message. The question is: should any firewall start after the connection is up?

For me that is more of an idealistic concept because it happens just one second after the connection is up.

By the way, login.icq.com is the login page (destination) for ICQ, and I blocked it.

Thanks a lot!!!
Palula Brasil
 
Old 07-22-2005, 06:09 PM   #2
Mara
Moderator
 
Registered: Feb 2002
Location: Grenoble
Distribution: Debian
Posts: 9,568

Rep: Reputation: 164
Re: Masquerade: route sent us somewhere else.

Quote:
Originally posted by Palula
I created a script and put it in the rc.local file for it to start automatically and looks like it's working fine... :-) But sometimes this message appears on the screen: Masquerade: route sent us somewhere else. Could anybody help me with what is triggering this message?
It's hard to say without seeing your routing table (route command result) and the section of iptables script dealing with masquerading. My guess is that they do not always match. Why? Without seeing it I can't say.

Quote:
The second thing is that when I start my Firewall before the connection (mine is adsl) is up, I get this message on screen: Iptables v1.2.11: host/network 'login.icq.com' not found.
Try 'iptables -h' or 'iptables --help' for more information.
And when I start my PPP connection before the Firewall I don't get the message. The question is: should any firewall start after the connection is up?
Any address written in non-IP form (so login.icq.com is one of them) is resolved when the rules load. In your case, DNS server access is needed. The connection is down at that time, so the resolve attempt fails. Write the address as IP (if it doesn't change). It should help.

Firewall should rather start before your connection, but there are limitations, as you see above.
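
The load-time name resolution described in the reply above, as an added example that is not part of the original posts: it resolves the name once before any rule is built and falls back to previously recorded addresses when DNS is unreachable, so the block rule is not silently missing at boot. The FORWARD chain, the function names and the 192.0.2.x addresses used when testing are assumptions or constructed values; the thread does not show the actual rule.

```python
import socket


def resolve_ipv4(host):
    """Return the sorted IPv4 addresses for host (raises socket.gaierror on failure)."""
    infos = socket.getaddrinfo(host, None, socket.AF_INET, socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})


def block_rules(host, last_known, resolver=resolve_ipv4, chain="FORWARD"):
    """Build iptables argument lists that drop traffic to host.

    The name is resolved here, once, which mirrors what happens when a rule
    containing a host name is loaded. If DNS cannot be reached (for example
    the ppp link is still down), the last known addresses are used instead.

    Returns (rules, source) where source is "dns", "fallback" or "missing".
    "missing" means no address is known at all, so no block rule exists and
    the caller should log that instead of continuing quietly.
    """
    try:
        addrs, source = resolver(host), "dns"
    except socket.gaierror:
        addrs, source = sorted(last_known), "fallback"
    if not addrs:
        source = "missing"
    # chain is an assumption; use whichever chain the real block rule lives in.
    rules = [["/sbin/iptables", "-A", chain, "-d", ip, "-j", "DROP"] for ip in addrs]
    return rules, source


if __name__ == "__main__":
    # Constructed fallback address; replace with addresses recorded while online.
    rules, source = block_rules("login.icq.com", ["192.0.2.10"])
    print("addresses came from:", source)
    for argv in rules:
        print(" ".join(argv))
```

The argument lists are only printed here; passing each one to subprocess.run as root would load the rules.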
 
Old 07-30-2005, 01:30 AM   #3
Palula
Sorry for the delay in replying to your message.

The only line I have on all my firewall regarding MASQUERADE is this one:

/sbin/iptables -t nat -A POSTROUTING -s $lanip -j MASQUERADE
(Where $lanip represents my LAN IP range)

The message doesn't appear often. It appears sometimes only. My internet connection looks fine on my windows clients, but even still it's always annoying to know that something is going wrong with your config right? So I just want it to work 100% (as possible).

Hope anyone can help me!! :-)
Thanks a lot guys.
 
Old 07-30-2005, 05:00 PM   #4
Mara
Do you have login.icq.com anywhere in the script (not only in the masquerading line)?
 
Old 07-31-2005, 12:18 PM   #5
Palula
Yep. I still have it on my firewall script.
But I will change it to the regular IP number.
 
Old 07-31-2005, 03:04 PM   #6
Palula
I changed it and the message still goes on appearing.
Something weird is that I just got my DHCP (with dhcpd) working this afternoon and the Masquerade message seems to be appearing a bit more often.

But I can surf on the web normally still yet, and the DHCP is assigning addresses normally too.

But anyway, I'd really like to correct this problem. It reminds me of how I suck!!! :-)

Thanks in advance!
Palula Brasil

Here is my route table:

Code:
Tabela de Roteamento IP do Kernel
Destino         Roteador        MáscaraGen.    Opções Métrica Ref   Uso Iface
200217050110.us *               255.255.255.255 UH    0      0        0 ppp0
192.168.100.0   *               255.255.255.0   U     0      0        0 eth1
169.254.0.0     *               255.255.0.0     U     0      0        0 eth1
default         200217050110.us 0.0.0.0         UG    0      0        0 ppp0

Last edited by Palula; 07-31-2005 at 03:28 PM.
 
Old 07-31-2005, 05:07 PM   #7
Mara
My opinion is that it's all because of this entry:
169.254.0.0 * 255.255.0.0 U 0 0 0 eth1
169.254.x.x is global address space, still it's redirected to local network. If you connect to any server from that range of IPs, there's a problem that may result in the message you get. Is it possible to remove this entry or is there a reason why you have it?
 
Old 08-01-2005, 11:00 AM   #8
Palula
I don't know how that entry has been generated.
I looked for everything regarding that IP address (169.254.0.0) in my firewall rules and I didn't find anything.
How is an entry generated?

And another thing. Could you give an explanation of how the route command can be read? I saw it and tried to understand, but for example I couldn't even detect that this IP address (169.254.0.0) shouldn't be there...

By the way. My network only comprehends addresses between 192.168.100.1 (server) and 192.168.100.2 - 192.168.100.255 (clients) so I really think I don't need that IP (169.254.0.0).

And there's something else I forgot too. As I said before, I configured a DHCP server on my Linux machine (DHCPD) it's working fine (at least I think). The thing is: When I typed ifconfig, 3 interfaces were shown. eth0, eth1 and lo. Now 4 interfaces are shown eth0, eth1, lo and another which I can't remember because I'm not in my machine, but I'm pretty sure it has the letter "s". Is that normal, should it happen?

Thanks a lot! :-)

Last edited by Palula; 08-01-2005 at 11:53 AM.
 
Old 08-01-2005, 04:25 PM   #9
Palula
Ok!
I did a little research and tried hard to understand how this thing works and came up with this line to exclude this route from my routing table.

Code:
route del -net 169.254.0.0 netmask 255.255.0.0 dev eth0
Is this right? And is that permanent? I mean will this exclude it permanently? If not, how can I permanently take that routing rule from my routing config?

Thank You!!! :-)
 
Old 08-01-2005, 05:57 PM   #10
Mara
Quote:
Originally posted by Palula
I don't know how that entry has been generated.
I looked for everything regarding that IP address (169.254.0.0) in my firewall rules and I didn't find anything.
How is an entry generated?
Hard to say. Usually when adding a new interface, but also manually.

Quote:
And another thing. Could you give an explanation of how the route command can be read? I saw it and tried to understand, but for example I couldn't even detect that this IP address (169.254.0.0) shouldn't be there...
It's quite simple. Let's say you work as the routing mechanism and get a message. You look into the table comparing destination address from the message with the ones you have in first table column, also using the netmask. When you have a match (default rule matches all), you know which interface to use to send it.

Routing table analysis is easy. You need to know which interfaces you have and what are their IPs and netmasks. Every interface should have an entry with its network. Default means..well...default (usually Internet connection).

Quote:
And there's something else I forgot too. As I said before, I configured a DHCP server on my Linux machine (DHCPD) it's working fine (at least I think). The thing is: When I typed ifconfig, 3 interfaces were shown. eth0, eth1 and lo. Now 4 interfaces are shown eth0, eth1, lo and another which I can't remember because I'm not in my machine, but I'm pretty sure it has the letter "s". Is that normal, should it happen?
Can't guess what kind of interface it is. No idea for one with s. It probably has something to do with DHCP. Without your configuration it's hard to say.

Quote:
Ok!
I did a little research and tried hard to understand how this thing works and came up with this line to exclude this route from my routing table.
Code:
route del -net 169.254.0.0 netmask 255.255.0.0 dev eth0
Is this right? And is that permanent? I mean will this exclude it permanently? If not, how can I permanently take that routing rule from my routing config?
Looks correct and should be permanent if there's no nice program recreating it at every boot. If you have something like that you need to find it.
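
The table lookup described in the reply above, run against the routing table from post #6, as an added example that is not part of the original posts. It goes slightly beyond the description by picking the most specific row (longest netmask) when several rows match, which is how the kernel chooses. The peer address 203.0.113.1 and the test destinations are constructed stand-ins, and the function names are this example's own.

```python
import ipaddress

# Routing table from post #6 as (destination, netmask, gateway, iface).
# The post shows the ppp0 peer only as a truncated host name, so
# 203.0.113.1 is a constructed stand-in for it.
PEER = "203.0.113.1"
ROUTES = [
    (PEER,            "255.255.255.255", None, "ppp0"),
    ("192.168.100.0", "255.255.255.0",   None, "eth1"),
    ("169.254.0.0",   "255.255.0.0",     None, "eth1"),
    ("0.0.0.0",       "0.0.0.0",         PEER, "ppp0"),  # shown as "default"
]


def _as_int(dotted):
    return int(ipaddress.IPv4Address(dotted))


def lookup(dest, routes=ROUTES):
    """Return the route tuple chosen for dest, or None if nothing matches.

    A row matches when (dest AND netmask) equals the destination column.
    Among matching rows the longest netmask wins, so "default" (netmask
    0.0.0.0) is used only when no more specific row matches.
    """
    addr, best, best_len = _as_int(dest), None, -1
    for route in routes:
        mask = _as_int(route[1])
        prefix_len = bin(mask).count("1")
        if (addr & mask) == _as_int(route[0]) and prefix_len > best_len:
            best, best_len = route, prefix_len
    return best


def egress(dest, routes=ROUTES):
    """Interface a packet to dest would leave on, or None if unroutable."""
    route = lookup(dest, routes)
    return route[3] if route else None


def without(network, routes=ROUTES):
    """Copy of the table with the row for `network` removed."""
    return [r for r in routes if r[0] != network]


if __name__ == "__main__":
    for dest in ("192.168.100.20", "169.254.10.5", "198.51.100.7"):
        print(dest, "->", egress(dest))
    print("169.254.10.5 without the 169.254.0.0 row ->",
          egress("169.254.10.5", without("169.254.0.0")))
```

With the 169.254.0.0 row present, any 169.254.x.x destination is sent out eth1 directly; with the row removed, the same destination falls through to the default route on ppp0.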
 
Old 08-01-2005, 10:19 PM   #11
Palula
It didn't work.
Every time I boot up, there it is again on the route table.

Can anybody help me with this?
Thank you! :-)
 
Old 08-02-2005, 07:48 AM   #12
Palula
There's something else I forgot to tell.

In my Linux a service starts up at boot time called mDNSResponder. And it boots properly (doesn't fail). But it gives two messages when I run the shutdown command (when it's time for this service to unload).

If the ppp0 connection is up at shutdown time: mDNSResponder: 17 messages suppressed. MASQUERADE: route sent us somewhere else.

If the ppp0 connection is down: mDNSResponder: No route. Rusty's brain broke.

Thanks in advance!!!
Palula Brasil.
 
Old 08-03-2005, 04:24 PM   #13
Mara
The question is what's setting the entry up. It may be mDNSResponder.
To find *all* files with 169.254.0.0 run the following command (big warning: it can take even 10 minutes):
cd /; grep -R 169.254.0.0 *
What does the result look like?
 
Old 08-03-2005, 09:35 PM   #14
Palula
Member
 
Registered: May 2005
Location: Brazil
Distribution: Fedore Core 3
Posts: 138

Original Poster
Rep: Reputation: 15
I couldn't do that search because at some point my FC3 halted and put a message regarding that the fd0 couldn't be read... But it really shouldn't be because the drive was not mounted and neither was I interested in using the drive at that moment.

Anyway, unloading the mDNSResponder service took care of the route message. And it doesn't show anymore messages regarding that route problem... But still there is that route (169.254.0.0) at the route table. And because of that Grep problem, I wasn't unable to see which files has anything regarding that IP address.

How can I correct that problem?

Thanks in advance.
 
Old 08-04-2005, 05:17 PM   #15
Mara
Quote:
Originally posted by Palula
I couldn't do that search because at some point my FC3 halted and put a message regarding that the fd0 couldn't be read... But it really shouldn't be because the drive was not mounted and neither was I interested in using the drive at that moment.
The full grep command as I have given tries to look into all the directories and files. In your case, also floppy. Let's try a different version. This time only in /etc directory (it will be probably enough) and shorter.
cd /etc; grep -R 169.254.0.0 *

Quote:
Anyway, unloading the mDNSResponder service took care of the route message. And it doesn't show anymore messages regarding that route problem... But still there is that route (169.254.0.0) at the route table. And because of that Grep problem, I wasn't unable to see which files has anything regarding that IP address.
If you remove the route with mDNSResponder off and reboot (make sure mDNSResponder is off permanently) does it stay?
 
  

