eth0 seems to stop when I connect to the Internet
My pc, running RH 9, serves as a gateway for another computer (running XP pro). I tried experimenting with kmyfirewall before. I think the error started then. Now, whenever I connect to the Internet via dial-up, the network can't see me anymore nor can I see them. I saw these errors which led me to the suspicion that it's the LAN card that's having problems:

Jun 19 11:54:57 kyutums kernel: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:44:16:9b:25:08:00 SRC=192.168.0.3 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=12530 PROTO=UDP SPT=137 DPT=137 LEN=58
Jun 19 11:54:58 kyutums kernel: IN=eth0 OUT= MAC=00:0c:6e:03:86:3a:00:02:44:16:9b:25:08:00 SRC=192.168.0.3 DST=192.168.0.2 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=12531 PROTO=UDP SPT=137 DPT=137 LEN=58
Jun 19 11:55:00 kyutums kernel: IN=eth0 OUT= MAC=00:0c:6e:03:86:3a:00:02:44:16:9b:25:08:00 SRC=192.168.0.3 DST=192.168.0.2 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=12532 PROTO=UDP SPT=137 DPT=137 LEN=58

I got a bunch of these. They all started after I connect to the net via modem:

Jun 19 11:45:55 kyutums pppd[4208]: pppd 2.4.1 started by root, uid 0
Jun 19 11:45:56 kyutums wvdial[4226]: WvDial: Internet dialer version 1.53
<snip>
Jun 19 11:46:41 kyutums pppd[4208]: Serial connection established.
Jun 19 11:46:41 kyutums pppd[4208]: Using interface ppp0
Jun 19 11:46:41 kyutums pppd[4208]: Connect: ppp0 <--> /dev/modem
Jun 19 11:46:41 kyutums /etc/hotplug/net.agent: assuming ppp0 is already up
Jun 19 11:46:43 kyutums modprobe: modprobe: Can't locate module ppp-compress-21
Jun 19 11:46:43 kyutums kernel: PPP Deflate Compression module registered
Jun 19 11:46:43 kyutums modprobe: modprobe: Can't locate module ppp-compress-21
Jun 19 11:46:43 kyutums pppd[4208]: local IP address 202.175.225.140
Jun 19 11:46:43 kyutums pppd[4208]: remote IP address 207.124.90.129
Jun 19 11:46:43 kyutums pppd[4208]: primary DNS address 203.167.102.1
Jun 19 11:46:43 kyutums pppd[4208]: secondary DNS address 203.167.102.2
Jun 19 11:46:44 kyutums su(pam_unix)[4278]: session opened for user root by (uid=0)
Jun 19 11:46:44 kyutums su(pam_unix)[4278]: session closed for user root
Jun 19 11:47:04 kyutums kernel: IN=eth0 OUT= MAC=00:0c:6e:03:86:3a:00:0c:6e:27:77:78:08:00 SRC=192.168.0.1 DST=192.168.0.2 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=10782 DF PROTO=TCP SPT=3150 DPT=139 WINDOW=16384 RES=0x00 SYN URGP=0
Jun 19 11:47:07 kyutums kernel: IN=eth0 OUT= MAC=00:0c:6e:03:86:3a:00:0c:6e:27:77:78:08:00 SRC=192.168.0.1 DST=192.168.0.2 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=10784 DF PROTO=TCP SPT=3150 DPT=139 WINDOW=16384 RES=0x00 SYN URGP=0

Does this mean that it's a kernel problem?

- Andoy |
Sounds to me like you are firewalling up eth0 in an odd fashion. Post the output of
Code:
iptables -L -v

cheers Jamie... |
I have no idea how these came about. :)

Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target   prot opt in    out   source                 destination
    0     0 UNCLEAN  all  --  ppp0  any   anywhere               anywhere         unclean
    0     0 ACCEPT   tcp  --  any   any   dns1.eastern-tele.com  anywhere         tcp flags:!SYN,RST,ACK/SYN
   60 10086 ACCEPT   udp  --  any   any   dns1.eastern-tele.com  anywhere
    0     0 ACCEPT   tcp  --  any   any   dns2.eastern-tele.com  anywhere         tcp flags:!SYN,RST,ACK/SYN
    0     0 ACCEPT   udp  --  any   any   dns2.eastern-tele.com  anywhere
  172  9538 ACCEPT   all  --  lo    any   anywhere               anywhere
    0     0 ACCEPT   icmp --  any   any   anywhere               202.175.228.18   icmp echo-request limit: avg 1/sec burst 5
    0     0 ACCEPT   icmp --  any   any   anywhere               202.175.228.18   icmp echo-reply limit: avg 1/sec burst 5
    0     0 ACCEPT   udp  --  any   any   anywhere               202.175.228.18   udp dpt:traceroute
    0     0 ACCEPT   icmp --  any   any   anywhere               202.175.228.18   icmp destination-unreachable
    0     0 ACCEPT   icmp --  any   any   anywhere               202.175.228.18   icmp host-unreachable
    0     0 ACCEPT   icmp --  any   any   anywhere               202.175.228.18   icmp timestamp-request
    0     0 ACCEPT   icmp --  any   any   anywhere               202.175.228.18   icmp timestamp-reply
    0     0 ACCEPT   icmp --  any   any   anywhere               202.175.228.18   icmp address-mask-request
    0     0 ACCEPT   icmp --  any   any   anywhere               202.175.228.18   icmp address-mask-reply
    0     0 LD       icmp --  any   any   anywhere               202.175.228.18   icmp redirect
    0     0 ACCEPT   icmp --  any   any   anywhere               202.175.228.18   icmp source-quench limit: avg 2/sec burst 5
    0     0 LD       all  --  ppp0  any   0.0.0.0/8              202.175.228.18
    0     0 LD       all  --  ppp0  any   1.0.0.0/8              202.175.228.18
    0     0 LD       all  --  ppp0  any   2.0.0.0/8              202.175.228.18
    0     0 LD       all  --  ppp0  any   5.0.0.0/8              202.175.228.18
    0     0 LD       all  --  ppp0  any   7.0.0.0/8              202.175.228.18
    0     0 LD       all  --  ppp0  any   10.0.0.0/8             202.175.228.18
    0     0 LD       all  --  ppp0  any   23.0.0.0/8             202.175.228.18
    0     0 LD       all  --  ppp0  any   27.0.0.0/8             202.175.228.18
    0     0 LD       all  --  ppp0  any   31.0.0.0/8             202.175.228.18
    0     0 LD       all  --  ppp0  any   36.0.0.0/8             202.175.228.18
    0     0 LD       all  --  ppp0  any   37.0.0.0/8             202.175.228.18
    0     0 LD       all  --  ppp0  any   39.0.0.0/8             202.175.228.18
    0     0 LD       all  --  ppp0  any   41.0.0.0/8             202.175.228.18
    0     0 LD       all  --  ppp0  any   42.0.0.0/8             202.175.228.18
    0     0 LD       all  --  ppp0  any   49.0.0.0/8             202.175.228.18
    0     0 LD       all  --  ppp0  any   50.0.0.0/8             202.175.228.18
    0     0 LD       all  --  ppp0  any   58.0.0.0/8             202.175.228.18
    0     0 LD       all  --  ppp0  any   59.0.0.0/8             202.175.228.18
    0     0 LD       all  --  ppp0  any   70.0.0.0/8             202.175.228.18
    0     0 LD       all  --  ppp0  any   71.0.0.0/8             202.175.228.18
    0     0 LD       all  --  ppp0  any   72.0.0.0/8             202.175.228.18
    0     0 LD       all  --  ppp0  any   73.0.0.0/8             202.175.228.18
    0     0 LD       all  --  ppp0  any   74.0.0.0/8             202.175.228.18

BTW, I placed these at the end of /etc/rc.local to share my internet connection to an XP Pro box:

modprobe iptable_nat
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
iptables -A FORWARD -i ppp0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth0 -o ppp0 -j ACCEPT
iptables -P FORWARD DROP
iptables -A INPUT -p tcp --dport 137 -j ACCEPT
iptables -A INPUT -p tcp --dport 138 -j ACCEPT
iptables -A INPUT -p tcp --dport 139 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward |
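
Added example, not part of any post in this thread: a small triage script that groups the netfilter LOG lines quoted in the first post by interface, source and protocol/port, and marks whether the INPUT rules appended in /etc/rc.local name that protocol/port. The names `sample_log`, `summarise` and `ACCEPTED` are made up for this illustration; the log lines are copied from the first post.

```shell
#!/bin/sh
# Added example (not from the thread): triage netfilter LOG lines from syslog.

# proto/port pairs named by the rc.local INPUT rules in the post (tcp only).
ACCEPTED="TCP/137 TCP/138 TCP/139"

# Kernel lines copied from the first post.
sample_log() {
cat <<'EOF'
Jun 19 11:54:57 kyutums kernel: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:02:44:16:9b:25:08:00 SRC=192.168.0.3 DST=192.168.0.255 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=12530 PROTO=UDP SPT=137 DPT=137 LEN=58
Jun 19 11:54:58 kyutums kernel: IN=eth0 OUT= MAC=00:0c:6e:03:86:3a:00:02:44:16:9b:25:08:00 SRC=192.168.0.3 DST=192.168.0.2 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=12531 PROTO=UDP SPT=137 DPT=137 LEN=58
Jun 19 11:55:00 kyutums kernel: IN=eth0 OUT= MAC=00:0c:6e:03:86:3a:00:02:44:16:9b:25:08:00 SRC=192.168.0.3 DST=192.168.0.2 LEN=78 TOS=0x00 PREC=0x00 TTL=128 ID=12532 PROTO=UDP SPT=137 DPT=137 LEN=58
Jun 19 11:47:04 kyutums kernel: IN=eth0 OUT= MAC=00:0c:6e:03:86:3a:00:0c:6e:27:77:78:08:00 SRC=192.168.0.1 DST=192.168.0.2 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=10782 DF PROTO=TCP SPT=3150 DPT=139 WINDOW=16384 RES=0x00 SYN URGP=0
Jun 19 11:47:07 kyutums kernel: IN=eth0 OUT= MAC=00:0c:6e:03:86:3a:00:0c:6e:27:77:78:08:00 SRC=192.168.0.1 DST=192.168.0.2 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=10784 DF PROTO=TCP SPT=3150 DPT=139 WINDOW=16384 RES=0x00 SYN URGP=0
EOF
}

# Print "count IN SRC PROTO/DPT status", most frequent first.
summarise() {
  awk -v accepted="$ACCEPTED" '
    BEGIN { n = split(accepted, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    / kernel: IN=/ {
      in_if = src = proto = dpt = "-"
      for (i = 1; i <= NF; i++) {
        eq = index($i, "=")
        if (eq == 0) continue              # flags such as DF or SYN
        k = substr($i, 1, eq - 1); v = substr($i, eq + 1)
        if (v == "") continue              # e.g. empty OUT= on INPUT traffic
        if (k == "IN") in_if = v
        else if (k == "SRC") src = v
        else if (k == "PROTO") proto = v
        else if (k == "DPT") dpt = v
      }
      pp = proto "/" dpt
      status = (pp in ok) ? "accept-in-rc.local" : "no-accept-rule"
      count[in_if " " src " " pp " " status]++
    }
    END { for (key in count) print count[key], key }
  ' | sort -k1,1nr -k2
}

sample_log | summarise
```

All logged packets arrive on eth0 from LAN addresses, and the UDP/137 ones match none of the rc.local rules, which name tcp only. TCP/139 is named in rc.local yet still logged, so the rule order is worth checking with `iptables -L -v --line-numbers`.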
Well that looks like a pretty crazy set of rules. What distro are you using? Unless you are feeling a little paranoid you shouldn't need to worry about too much firewalling on dialup as your lack of bandwidth/changing IP makes you a less appealing target.
cheers Jamie... |
RedHat 9. I don't know much about firewalls so I just copied the rules on the web. :)
Actually, I don't really need a firewall. I just need NAT. |