LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 08-09-2005, 04:00 AM   #1
1702fp
Member
 
Registered: Feb 2005
Location: California
Distribution: Slackware
Posts: 82

Rep: Reputation: 15
In need of assistance Asp please


Sorry for the asp but if I shut down the computer I will not be able to log back on to the Internet ok here is what happened. (I'm using Sarge Debian)

I apt-got a firewall named Guard-dog then surfed the Internet for a while, everything was working fine, then a hour latter I shut down the pc, then when I tried to log back back in, I was unable to gain access to the Internet, I don't know what happened but guard dog somehow managed to mess up my connection to the Internet.

I typed apt-get remove guard dog into the command line as root then rebooted the pc, still not go I keep getting a eth0 error so I re- installed guard dog, again then was able to connect to the Internet. (don't know why but I have to keep get apt-getting guard dog then reinstall it again and again in order to be able to gain access to the Internet. Guard dog messed up the network/ Internet connection and I don't know what to do.

Any suggestions on how to Totally remove guard dog (I already typed apt-get remove guard as root into the terminal and the message said that guard dog had been removed but apparently guard dog left their bogus setting on to the pc after I UN- installed it.

Any suggestions on what to do Will be appreciated I have lots of data on this computer and might loose all of it if I don't get a solution to this problem real fast (if I shut down the pc I will most likely not be able to log back on to the Internet and ask for help.

Any suggestions of how to fix this will be much appreciated.
 
Old 08-09-2005, 05:19 AM   #2
Artanicus
Member
 
Registered: Jan 2005
Location: Finland
Distribution: Ubuntu, Debian, Gentoo, Slackware
Posts: 827

Rep: Reputation: 31
My first suggestion would be to post topics here with a descriptive topic, I was bores enough that I bothered to read your post, but most people will just skip a 'heeelp, I need heeeeelp' topic... (:

Aaanyways, Guard-Dog surely uses iptables to create the firewall, so it is possible that it can block your net access if set up badly, and if the uninstall is not a very clean one, the firewall _will_ remain active untill you reboot. Then they are flushed out no matter what, unless the script Guard-Dog generated is still out there somewhere, and run by some rc.d.

My suggestion is, get to know this Guard-Dog, install it again, and fix the damn config to allow you access to the net. If you cant decipher it out, try the lightweight firewall maker Firestarter (warning, only tcp coverage) or if you want a truly great firewall, use FirewallBuilder (fwbuilder). Both sirely have .debs available, and compiling source isnt that horrible either.. (; It doesnt realy matter what firewall builder you use, they all use the same iptables backend. So, it realy is the usability of the program that you can give value to, and sofar Guard-Dog seems to have not proven that.. (;

Good luck with your endevours, post back and Ill try and help you more. If the problem persists, you might want to post the output of
Code:
ifconfig
.. dont forget to censor the ip addresses in the output.
 
Old 08-09-2005, 07:55 PM   #3
1702fp
Member
 
Registered: Feb 2005
Location: California
Distribution: Slackware
Posts: 82

Original Poster
Rep: Reputation: 15
Thanks for the reply I really do appreciate the help very much. I left the computer on all night because I did not want to risk loosing all the data that is stored on this pc.

Guard dog had somehow managed to apply their bogus firewall settings even after guard dog was UN-installed, completely. I didn't want what else to do and had no Internet access so I installed guard dog, and installed firestarter, figuring that fire starter would override guard dogs settings and it did, however the Pc keeps posting error messages DHCPDICSOVER on eth01 to 255 255 255 255 DHCPDICSOVER on eth01 to 255 255 255 255 DHCPDICSOVER on eth01 to 255 255 255 255 that error messages gos on for a while until the message finally ends with a ... loop back, I think. There are so many of them its hard to remember all of them.

I'm not sure But I do believe that my connection is DHCP and set up on eth0 and not eth1 I could be wrong about that I'm just guessing that my hook up is eth0 because fire starter is reporting activity from eth0 , and not eth01.

I don't know what else to do all I do know is that I have to, somehow erase the firewall settings that guard dog had left behind, and if I make a mistake I will have no Internet access and will have no other choice but to Un- install and then Re- install Debian again in order to be able to have Internet access.

I typed ifconfig into the terminal here is what is listed


linux:/home/username# ifconfig
eth0 Link encap:Ethernet HWaddr 00:02:B3:AA:EE:C4
inet addr:172.16.1.33 Bcast:172.16.255.255 Mask:255.255.0.0
inet6 addr: fe80::202:b3ff:feaa:eec4/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:183 errors:0 dropped:0 overruns:0 frame:0
TX packets:180 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:95235 (93.0 KiB) TX bytes:17305 (16.8 KiB)

eth1 Link encap:UNSPEC HWaddr 00-50-42-A1-21-82-AC-B5-00-00-00-00-00-00-00-00
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:7 dropped:7 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:124 errors:0 dropped:0 overruns:0 frame:0
TX packets:124 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:6564 (6.4 KiB) TX bytes:6564 (6.4 KiB)

linux:/home/username#


I have been using Debian for almost a year and never had any serious problems until now thanks again for the help I really do appreciate it.

Last edited by 1702fp; 08-09-2005 at 08:00 PM.
 
Old 08-09-2005, 08:04 PM   #4
Artanicus
Member
 
Registered: Jan 2005
Location: Finland
Distribution: Ubuntu, Debian, Gentoo, Slackware
Posts: 827

Rep: Reputation: 31
the DHCPDISCOVER "errors" come up when some other machine on your network is searching for a dhcp server. I dont get those errors unless ive got a misconfigured dhcpd (note the D for daemon) running. Now, you dont need the dhcpD in a typical environment, so by disabling it you should get rid of those errors, that are actually just notifications from the firewall.

If you succesfully installed firestarter, and went thru the wizard plus customized it to your needs, I see no reason why you couldnt reboot your computer. There seems to be some configuration you could do to slim down your settings, e.g. remove the initializing of eth1 if you dont need it, and verifying that the firestarter script is launched at bootup. But, those matters are better done The DEbian Way(tm), and I know nothing about that.. (;

But in my opinion, youre safe to reboot.
 
Old 08-09-2005, 08:17 PM   #5
charon79m
Member
 
Registered: Oct 2003
Distribution: Just about anything... so long as it is Debain based.
Posts: 297

Rep: Reputation: 30
You are SO dramatic. Your data is PERFECTLY SAFE!!! No matter if your network connection is screwed up you data is still there and without issues.

Ok, I'm better now.... back to the issue.

You are confusing a configuration utility with the actual firewall. The firewall is iptables, it is not guard-dog. If you take away the configuration utility the firewall still remains. Now that we know that, you might want to familuraize yourself with iptables and how they work to understand why you were not able to access the internet even with Guard-dog uninstalled. You should look at the man pages for iptables.

Ok, one last question. Why did you choose to install a firewall? By the looks of IP config it looks like you have a broadband router providing Internet access to you, so you're protected from the Internet.

MrKnisely
 
Old 08-09-2005, 10:35 PM   #6
1702fp
Member
 
Registered: Feb 2005
Location: California
Distribution: Slackware
Posts: 82

Original Poster
Rep: Reputation: 15
Thanks for the replies

Well... It happened again.

I rebooted the computer, hit the Internet icon and still no go Error message: page not found.

I was a Lil nervous when that happened because I thought there might not be any other choice but to Un- install and then Re- install Debian, again. So I did the same thing that I had done last night to get connected to the Internet. Un- installed Fire-starter again, then Re- installed it. The pc is now connected to the Internet However, if I Un- install Firestarter and no fire wall is installed on this pc, the computer will not connect to the Internet. That's strange, ......

I have a feeling that Guard dog had left behind some settings and that those settings are still applied onto this Pc furthermore, I also believe, that the only reason I am able to connect to the Internet, now is because Firestarter is Overriding Guard-dog and opening the ports that are needed to gain access to the Internet. The computer takes a good 4 - 5 minutes to boot because it keeps looking for a .... Eth1 (I'm not sure if I'm using Eth1 or Eth0 but I do believe I am using Eth0 and I have no idea how to ifconfig ? the settings so boot prompt will no longer search for Eth1, Or maybe... How to configure Firestarter, to log in as Root on boot prompt and make it configure the pc at boot to stop searching for Eth1.

If I didn't have so much precious data stored on this Pc, I would not be so concerned about this situation , but I do and think it is just a matter of time until the Pc stops working.

Quote:
charon76m
Ok, one last question. Why did you choose to install a firewall? By the looks of IP config it looks like you have a broadband router providing Internet access to you, so you're protected from the Internet.
I wanted to see if guard dog could spread a port range block similar to this one

Rule 1: TCP Inbound
Discription: TCP Block [IP Protocol 6]
Protocol: Other [6]
Direction: Incoming
Port Type: Port/Range: [1-65535]
Local Application: Any
Remote Address: Any
Remote Port: Any
Rule Valid: Always
Action: Deny
Log: Yes
Alert: No
Rule 2: TCP Outbound
Discription: TCP [Block Local Ports 1-1023]
Protocol: TCP
Direction: Outgoing
Port Type: Port/Range [1-1023]
Local App: Any
Remote Address: Any Address
Remote Port: Any
Rule Valid: Always
Action: Deny
Log: Yes
Alert: No

Rule 3: TCP Outbound
Description: TCP [Block Local Ports 5001-65535]
Protocol: TCP
Direction: Outgoing
Port Type: Port/Range [5001-65535]
Local App: Any
Remote Address: Any Address
Remote Port: Any
Rule Valid: Always
Action: Deny
Log: Yes
Alert: No
 
Old 08-09-2005, 10:48 PM   #7
charon79m
Member
 
Registered: Oct 2003
Distribution: Just about anything... so long as it is Debain based.
Posts: 297

Rep: Reputation: 30
What do you mean?

I'm not sure what you are talking about... here is how I read these:


Rule 1: TCP Inbound
Discription: TCP Block [IP Protocol 6]
Protocol: Other [6]
Direction: Incoming
Port Type: Port/Range: [1-65535]
Local Application: Any
Remote Address: Any
Remote Port: Any
Rule Valid: Always
Action: Deny
Log: Yes

Incoming TCP connections on any port are denied and logged.
_________________________________________________________

Alert: No
Rule 2: TCP Outbound
Discription: TCP [Block Local Ports 1-1023]
Protocol: TCP
Direction: Outgoing
Port Type: Port/Range [1-1023]
Local App: Any
Remote Address: Any Address
Remote Port: Any
Rule Valid: Always
Action: Deny
Log: Yes
Alert: No

Outboud TCP packets on lowlevel ports are Denied and logged.
__________________________________________________________

Rule 3: TCP Outbound
Description: TCP [Block Local Ports 5001-65535]
Protocol: TCP
Direction: Outgoing
Port Type: Port/Range [5001-65535]
Local App: Any
Remote Address: Any Address
Remote Port: Any
Rule Valid: Always
Action: Deny
Log: Yes
Alert: No

Outbound TCP packets on highlevel ports 5001 and up are blocked and logged.
___________________________________________

So, you're allwoing outbound connections only on TCP ports 1024-5000. Why?

Ok, so you've got iptables that are going a little wonky.... get rid of them and load a known working default. There are MANY tried and true iptables configs here... just search.

No, your firewall has NOTHING to do with the basic stability of your system nor your data integrity. Worst case, you kill your loopback interface and won't be able to bring up X... Your presious data is safe (though I will not be held responsible if you loose any data).

Regarding your Eth0 vs Eth1 issue. I'm rather certain with what you posted before you are only using Eth0. You probably have two network cards in this system, and your computer is trying to bring them both up. Since you probably only have one plugged in, your system is timing out while tring to get a DHCP address for the card that is not plugged in. Check your /etc/network/interfaces file and comment (#) out any lines regarding Eth1. That will probably resolve your hanging at boot issue when it is trying eth1.

MrKnisely
 
Old 08-09-2005, 10:49 PM   #8
ralvez
Member
 
Registered: Oct 2003
Location: Canada
Distribution: ArchLinux && Slackware 10.1
Posts: 298

Rep: Reputation: 30
Since you are using Slack, then your firewall is enabled by the file /etc/rc.d/rc.firewall.
Log in as the root user and issue the following command: "chmod 544 /etc/rc.d/rc.firewall". That will disable rc.firewall from running when you start up your computer.
Then I would reboot and go to http://www.fs-security.com/ and get firestarter. It is a very nice, very reliable and easy to configure firewall. Install it, use the test tool to make sure it is working fine and then follow the instructions to make it auto run every time you start your computer.

If you need help whit this part, let me know and I'll try to help you there.

Hope this helps.

Rick
 
Old 08-09-2005, 10:52 PM   #9
charon79m
Member
 
Registered: Oct 2003
Distribution: Just about anything... so long as it is Debain based.
Posts: 297

Rep: Reputation: 30
He's running Debian Sarge.

MrKnisely
 
Old 08-10-2005, 03:39 AM   #10
1702fp
Member
 
Registered: Feb 2005
Location: California
Distribution: Slackware
Posts: 82

Original Poster
Rep: Reputation: 15
Quote:
charon79m Since you probably only have one plugged in, your system is timing out while tring to get a DHCP address for the card that is not plugged in. Check your /etc/network/interfaces file and comment (#) out any lines regarding Eth1. That will probably resolve your hanging at boot issue when it is trying eth1.
That method worked. The Pc is no longer searching for Eth1. The DHCP Eth1 error message happened, immediately after I installed guard-dog, Huummm that's strange.

Thanks for the replies, I am now at ease Lol
 
Old 08-10-2005, 11:44 AM   #11
charon79m
Member
 
Registered: Oct 2003
Distribution: Just about anything... so long as it is Debain based.
Posts: 297

Rep: Reputation: 30
Pleasure to help.

I would like to echo a previous comment thought. Normally, I do not even bother to answer posts that do not describe their issue in the subject. I only answered this one because of how frantic you sounded in your responses...

MrKnisely
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
ASP programming? codejungle Linux - Software 4 02-23-2005 06:54 PM
Asp Ygrex Linux - Distributions 4 01-27-2005 09:50 AM
Asp CliffLandin Linux - Software 2 12-19-2003 06:31 AM
ASP? ASP for Perl? northwind blank Linux - Networking 3 02-04-2003 10:52 AM
httpd - asp or apache - asp vcheah Linux - General 2 01-18-2002 04:05 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 09:40 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration