Slackware and 2 nics

mikz · 09-22-2004, 11:15 AM

I am attempting to create a firewall using Slackware as the OS. The general idea is to have 2 nics, wher eth0 is aimed at the LAN and eth1 at the internet. The problem is that I can't get any response from my eth1.

At the moment I'm connected to the internet via eth0.

Are there any configurations that I have forgotten, (perhaps IRQ).?

My ifconf looks like this:

th0 Link encap:Ethernet HWaddr 00:50:BA:EA:00:8E
inet addr:192.168.0.151 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::250:baff:feea:8e/64 Scope:Link
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
RX packets:444 errors:0 dropped:0 overruns:0 frame:0
TX packets:516 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:171486 (167.4 Kb) TX bytes:74315 (72.5 Kb)
Interrupt:11 Base address:0x3000

eth1 Link encap:Ethernet HWaddr 00:E0:4C:02:2D:76
inet6 addr: fe80::2e0:4cff:fe02:2d76/64 Scope:Link
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:378 (378.0 b)
Interrupt:11 Base address:0x2800

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

sio · 09-22-2004, 11:28 AM

you say your connected to the internet via eth0 currently but eth0 is assigned a local ip, thatis 192.168..

if you want to make eth1 work with your broadband you need to enable dhcp for it. Sorry that i can't remember the correct file atm as im not on a linux box right now but if you go to

/etc/rc.d/

and i believe there is a file called rc.inetd.conf

it will have a very simple layout sort of like follows

eth0
use dhcp=""
use gateway=""
hostname=""

eth1
use dhcp=""
use gateway=""
hostname=""

eth2
use dhcp=""
use gateway=""
hostname=""

eth3
use dhcp=""
use gateway=""
hostname=""

it has some other options as well that slip my mind. Maksure that use dhcp is enabled for eth1.

[edit] you enable it by typing "yes" in the paranthesis

reboot, if its not working after a reboot try starting up the dhcpcd daemon manually on the ethernet device when you have the broadband connected to it like so, I think

dhcpcd -n eth1

maybe... check the man pages for dhcpcd to see what renews the ip. Doing a

dhcpcd -k eth1

should also release the ip. Do some tests back and forth on each device. If your able to get an ip on eth0 and not eth1 or if something else is acting goofy before you get that far, then describe what happens and we can take it from there.

mikz · 09-22-2004, 11:39 AM

eth0 is connected to the internet via a router/DCHP, hence the local IP..
Would the fact that both eth0 and eth1 both occupy IRQ 11 cause the problem:
I've also have the following info on my IRQ:

bash-3.00# dmesg | grep IRQ
PCI: Using IRQ router VIA [1106/0586] at 0000:00:14.0
Serial: 8250/16550 driver $Revision: 1.90 $ 48 ports, IRQ sharing enabl
PCI: Found IRQ 11 for device 0000:00:14.2
IRQ routing conflict for 0000:00:14.2, have irq 10, want irq 11
PCI: Found IRQ 11 for device 0000:00:04.0
eth0: VIA VT6102 Rhine-II at 0x41200000, 00:50:ba:ea:00:8e, IRQ 11.
PCI: Found IRQ 10 for device 0000:00:03.0
IRQ routing conflict for 0000:00:03.0, have irq 11, want irq 10
IRQ routing conflict for 0000:01:00.0, have irq 11, want irq 10
eth1: RealTek RTL8139 at 0x2800, 00:e0:4c:02:2d:76, IRQ 11

mikz · 09-22-2004, 11:46 AM

This is the layout of my rc.inetd.conf (Slackware 10)

#!/bin/sh
# Start/stop/restart inetd, the BSD Internet super-daemon.

# Start inetd:
inetd_start() {
if [ -x /usr/sbin/inetd ]; then
echo "Starting Internet super-server daemon: /usr/sbin/inetd"
/usr/sbin/inetd
fi
}

# Stop inetd:
inetd_stop() {
killall inetd
}

# Restart inetd:
inetd_restart() {
inetd_stop
sleep 1
inetd_start
}

case "$1" in
'start')
inetd_start
;;
'stop')
inetd_stop
;;
'restart')
inetd_restart
;;
*)
echo "usage $0 start|stop|restart"
esac

sio · 09-22-2004, 11:48 AM

couldn't give you a definate answer on that as I've never had issues with the such in linux before. I wouldn't really look at that being the problem anyways ( though i could be wrong ).

just one question. Why are you going from the cable modem to a router to your computer and then having your second ethernet device (the lan) going to a seperate switch where your other computers are going to be connected at.

You gave a brief overview of what you were trying to do in your first post, but could you be a little more specific about how your setting up your network?

sio · 09-22-2004, 11:49 AM

naw rc.inetd.conf wasn't the right file, open up the other files in there looking for the one that has the layout that i listed in the post

look for the file that looks like this

Quote:

Originally posted by sio
eth0
use dhcp=""
use gateway=""
hostname=""

eth1
use dhcp=""
use gateway=""
hostname=""

eth2
use dhcp=""
use gateway=""
hostname=""

eth3
use dhcp=""
use gateway=""
hostname=""

mikz · 09-22-2004, 11:57 AM

I've found the file rc.inet1.conf, which now contains:

# Config information for eth0:
IPADDR[0]=""
NETMASK[0]=""
USE_DHCP[0]="yes"
DHCP_HOSTNAME[0]=""

# Config information for eth1:
IPADDR[1]=""
NETMASK[1]=""
USE_DHCP[1]="yes"
DHCP_HOSTNAME[1]=""

mikz · 09-22-2004, 12:06 PM

My eth1 now appears to be working! Can they both co-exist on IRQ 11.? If not can I somehow manually assign an IRQ from within Slackware.?

eth0 Link encap:Ethernet HWaddr 00:50:BA:EA:00:8E
inet addr:192.168.0.151 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::250:baff:feea:8e/64 Scope:Link
UP BROADCAST NOTRAILERS MULTICAST MTU:1500 Metric:1
RX packets:2715 errors:0 dropped:0 overruns:0 frame:0
TX packets:3175 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:856783 (836.7 Kb) TX bytes:421021 (411.1 Kb)
Interrupt:11 Base address:0x3000

eth1 Link encap:Ethernet HWaddr 00:E0:4C:02:2D:76
inet addr:192.168.0.93 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::2e0:4cff:fe02:2d76/64 Scope:Link
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
RX packets:96 errors:0 dropped:0 overruns:0 frame:0
TX packets:127 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:29597 (28.9 Kb) TX bytes:15722 (15.3 Kb)
Interrupt:11 Base address:0x2800

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:24 errors:0 dropped:0 overruns:0 frame:0
TX packets:24 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2289 (2.2 Kb) TX bytes:2289 (2.2 Kb)

sio · 09-22-2004, 12:16 PM

yeah thats it, except for doing what you want to say you need to assign one of the a static ip address

so you want to use eth0 as the lan first thing you need to do is set the ipaddr to say 192.168.0.1 and give it a netmask of 255.255.255.0 and a DCHP_Hostname of whatever "yasc" is what i commonly use [yet another slackware computer]

you need to then write a dhcp.conf file to administer IP's on that set of ips and then get a switch [not a router] and plug in eth0 to that switch and any computers you want to access the internet with and plug them into that switch. next you have your eth1 that is set to receive an ip to the internet, just jack it in straight from the modem. Setup connectivity between the two network cards while establishing what rules you want for your firewall, badabing badaboom your done.

Except your eth1 isn't getting administered an IP by your router as you said. Plug the router in onto eth1 and dont plug anything into eth0 and do a dhcpcd -n eth1

this should assign an IP. If it just hangs ctrl-c out and what are the two network devices you are using, specify if they are built onto the motherboard and what you did, if anything, to set them up

[edit] yes they can be on the same IRQ

mikz · 09-22-2004, 12:21 PM

Thanks Sio, you've been a great help.

mikz · 09-27-2004, 07:16 AM

"you need to then write a dhcp.conf file to administer IP's on that set of ips"

Do you know where I can find an example of the DHCP.CONF file?

gbonvehi · 09-27-2004, 07:21 AM

mikz, read: man dhcpd.conf
There are some examples there.

mikz · 09-27-2004, 09:02 AM

I now have my settings in rc.inet.conf for eth0 as:
# Config information for eth0:
IPADDR[0]="10.0.0.2"
NETMASK[0]=""
USE_DHCP[0]=""
DHCP_HOSTNAME[0]="slackbox"
# Config information for eth1:
IPADDR[1]=""
NETMASK[1]=""
USE_DHCP[1]="yes"
DHCP_HOSTNAME[1]=""
------------------------------------------------
My dhcpd.conf
# Global options
option domain-name "slackbox";
option domain-name-servers 10.0.0.1;

authoritative;
ddns-update-style none;

subnet 10.0.0.0 netmask 255.255.255.0 {
option subnet-mask 255.255.255.0;
option broadcast-address 10.0.0.255;
option routers 10.0.0.1;
range 10.0.0.2 10.0.0.254;
}

How do I make sure that there is no conflict between eth0 and eth1 as regards IP numbers.?

gbonvehi · 09-27-2004, 10:26 AM

Because there are ranges of IPs that are used specifically on internet and the rest on LAN to avoid those conflicts (it's a internation standart)

Here's a link to see about this: http://compnetworking.about.com/libr.../aa042400b.htm

And this a link to ips you can use on your LAN to avoid conflicts: http://windows.about.com/library/tips/bltip197.htm