Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to
LinuxQuestions.org , a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free.
Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please
contact us . If you need to reset your password,
click here .
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a
virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month.
Click here for more info.
02-05-2004, 03:07 PM
#16
LQ Newbie
Registered: Jan 2004
Distribution: Fedora Core 1
Posts: 12
Original Poster
Rep:
ip_conntrack 28840 1 (autoclean) [ipt_state]
I do.
Also, route as in tracert from the windows box?
Tracert google.com
unable to resovle system target name google.com
02-05-2004, 05:21 PM
#17
Member
Registered: Oct 2003
Location: Toronto, Canada
Distribution: Ubuntu, FC3, RHEL 3-4 AS Retired: SuSE 9.1 Pro, RedHat 6-9, FC1-2
Posts: 360
Rep:
Sorry, let me be more clear. On your Fedora box there is a command called "route". It displays how your computer is directing network traffic and through which adapter. Normally, this is setup correctly automatically... however that's not always the case.
You should see a list of networks followed by gateways and associated NICs.
02-12-2004, 01:45 PM
#18
LQ Newbie
Registered: Jan 2004
Distribution: Fedora Core 1
Posts: 12
Original Poster
Rep:
Code:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
adsl-155-77-1.m * 255.255.255.255 UH 0 0 0 ppp0
192.168.1.0 * 255.255.255.0 U 0 0 0 eth1
169.254.0.0 * 255.255.0.0 U 0 0 0 eth1
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default adsl-155-77-1.m 0.0.0.0 UG 0 0 0 ppp0
I dunno, I don't think its right.
02-13-2004, 11:12 AM
#19
Member
Registered: Oct 2003
Location: Toronto, Canada
Distribution: Ubuntu, FC3, RHEL 3-4 AS Retired: SuSE 9.1 Pro, RedHat 6-9, FC1-2
Posts: 360
Rep:
You really have me scratching my head now.
The routing looks ok.
The firewall (as of your last posting of it w/ int=eth1) looks ok.
I'm not ready to give up just yet but I'm thinking it's gotta be some small oversight.
What were the results from the tests in post #11 and #14?
02-17-2004, 12:45 PM
#20
LQ Newbie
Registered: Jan 2004
Distribution: Fedora Core 1
Posts: 12
Original Poster
Rep:
[root@localhost root]# cat /var/log/messages | grep IPT
Feb 5 10:58:34 localhost kernel: IPT: EXT_FIREWALL: IN=ppp0 OUT= MAC= SRC=205.1 88.8.191 DST=68.158.206.129 LEN=566 TOS=0x00 PREC=0x00 TTL=104 ID=50448 DF PROTO =TCP SPT=5190 DPT=50263 WINDOW=16384 RES=0x00 ACK PSH URGP=0
Feb 5 10:59:06 localhost kernel: IPT: EXT_FIREWALL: IN=ppp0 OUT= MAC= SRC=205.1 88.8.191 DST=68.158.206.129 LEN=862 TOS=0x00 PREC=0x00 TTL=104 ID=35097 DF PROTO =TCP SPT=5190 DPT=50263 WINDOW=16384 RES=0x00 ACK PSH URGP=0
Feb 5 10:59:38 localhost kernel: IPT: EXT_FIREWALL: IN=ppp0 OUT= MAC= SRC=205.1 88.8.191 DST=68.158.206.129 LEN=862 TOS=0x00 PREC=0x00 TTL=104 ID=24673 DF PROTO =TCP SPT=5190 DPT=50263 WINDOW=16384 RES=0x00 ACK PSH URGP=0
Feb 5 11:22:37 localhost kernel: IPT: EXT_FIREWALL: IN=ppp0 OUT= MAC= SRC=205.1 52.144.235 DST=68.153.74.227 LEN=70 TOS=0x00 PREC=0x00 TTL=250 ID=33515 DF PROTO =UDP SPT=16073 DPT=32770 LEN=50
Feb 5 11:22:37 localhost kernel: IPT: EXT_FIREWALL: IN=ppp0 OUT= MAC= SRC=205.1 52.144.235 DST=68.153.74.227 LEN=70 TOS=0x00 PREC=0x00 TTL=250 ID=33516 DF PROTO =UDP SPT=16073 DPT=32770 LEN=50
Feb 5 11:28:17 localhost kernel: IPT: EXT_FIREWALL: IN=ppp0 OUT= MAC= SRC=211.2 44.27.149 DST=65.2.6.175 LEN=48 TOS=0x00 PREC=0x00 TTL=108 ID=48467 DF PROTO=TCP SPT=3189 DPT=4899 WINDOW=16384 RES=0x00 SYN URGP=0
Feb 17 13:33:32 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.110.252 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15289 PROTO=UDP S PT=1033 DPT=53 LEN=40
Feb 17 13:33:33 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.114.235 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15292 PROTO=UDP S PT=1033 DPT=53 LEN=40
Feb 17 13:33:34 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.114.235 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15294 PROTO=UDP S PT=1033 DPT=53 LEN=40
Feb 17 13:33:36 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.110.252 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15304 PROTO=UDP S PT=1033 DPT=53 LEN=40
Feb 17 13:33:36 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.114.235 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15305 PROTO=UDP S PT=1033 DPT=53 LEN=40
Feb 17 13:33:40 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.110.252 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15315 PROTO=UDP S PT=1033 DPT=53 LEN=40
Feb 17 13:33:40 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.114.235 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15316 PROTO=UDP S
02-17-2004, 12:57 PM
#21
LQ Newbie
Registered: Jan 2004
Distribution: Fedora Core 1
Posts: 12
Original Poster
Rep:
Here is with the minimal firewall script
Feb 5 10:58:34 localhost kernel: IPT: EXT_FIREWALL: IN=ppp0 OUT= MAC= SRC=205.1 88.8.191 DST=68.158.206.129 LEN=566 TOS=0x00 PREC=0x00 TTL=104 ID=50448 DF PROTO =TCP SPT=5190 DPT=50263 WINDOW=16384 RES=0x00 ACK PSH URGP=0
Feb 5 10:59:06 localhost kernel: IPT: EXT_FIREWALL: IN=ppp0 OUT= MAC= SRC=205.1 88.8.191 DST=68.158.206.129 LEN=862 TOS=0x00 PREC=0x00 TTL=104 ID=35097 DF PROTO =TCP SPT=5190 DPT=50263 WINDOW=16384 RES=0x00 ACK PSH URGP=0
Feb 5 10:59:38 localhost kernel: IPT: EXT_FIREWALL: IN=ppp0 OUT= MAC= SRC=205.1 88.8.191 DST=68.158.206.129 LEN=862 TOS=0x00 PREC=0x00 TTL=104 ID=24673 DF PROTO =TCP SPT=5190 DPT=50263 WINDOW=16384 RES=0x00 ACK PSH URGP=0
Feb 5 11:22:37 localhost kernel: IPT: EXT_FIREWALL: IN=ppp0 OUT= MAC= SRC=205.1 52.144.235 DST=68.153.74.227 LEN=70 TOS=0x00 PREC=0x00 TTL=250 ID=33515 DF PROTO =UDP SPT=16073 DPT=32770 LEN=50
Feb 5 11:22:37 localhost kernel: IPT: EXT_FIREWALL: IN=ppp0 OUT= MAC= SRC=205.1 52.144.235 DST=68.153.74.227 LEN=70 TOS=0x00 PREC=0x00 TTL=250 ID=33516 DF PROTO =UDP SPT=16073 DPT=32770 LEN=50
Feb 5 11:28:17 localhost kernel: IPT: EXT_FIREWALL: IN=ppp0 OUT= MAC= SRC=211.2 44.27.149 DST=65.2.6.175 LEN=48 TOS=0x00 PREC=0x00 TTL=108 ID=48467 DF PROTO=TCP SPT=3189 DPT=4899 WINDOW=16384 RES=0x00 SYN URGP=0
Feb 17 13:33:32 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.110.252 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15289 PROTO=UDP S PT=1033 DPT=53 LEN=40
Feb 17 13:33:33 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.114.235 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15292 PROTO=UDP S PT=1033 DPT=53 LEN=40
Feb 17 13:33:34 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.114.235 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15294 PROTO=UDP S PT=1033 DPT=53 LEN=40
Feb 17 13:33:36 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.110.252 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15304 PROTO=UDP S PT=1033 DPT=53 LEN=40
Feb 17 13:33:36 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.114.235 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15305 PROTO=UDP S PT=1033 DPT=53 LEN=40
Feb 17 13:33:40 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.110.252 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15315 PROTO=UDP S PT=1033 DPT=53 LEN=40
Feb 17 13:33:40 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.114.235 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15316 PROTO=UDP S PT=1033 DPT=53 LEN=40
02-18-2004, 07:58 PM
#22
Member
Registered: Oct 2003
Location: Toronto, Canada
Distribution: Ubuntu, FC3, RHEL 3-4 AS Retired: SuSE 9.1 Pro, RedHat 6-9, FC1-2
Posts: 360
Rep:
Looking at your posts tells me that on Feb 17, some connections were being forwarded to the internet... Since I don't see anything other than destination port 53, I'm assuming you never were able to resolve the domain names and hence were unable to complete a connection.
On Feb. 5 those entries are being blocked legitametly since your firewall is not configured to allow those ports - this is a good thing.
With the open firewall, were you able to browse the net?
02-26-2004, 02:15 PM
#23
LQ Newbie
Registered: Jan 2004
Distribution: Fedora Core 1
Posts: 12
Original Poster
Rep:
I installed Mandrake 9.2 and now everything works fine. Thanks for all of your trouble though.
03-01-2004, 06:28 PM
#24
Member
Registered: Oct 2003
Location: Toronto, Canada
Distribution: Ubuntu, FC3, RHEL 3-4 AS Retired: SuSE 9.1 Pro, RedHat 6-9, FC1-2
Posts: 360
Rep:
Well... It's odd that RedHat didn't work for you (heh, after all, I wrote that on Fedora & RedHat) but hey! I'm just glad you got it working.
Keep it secure.
J.
All times are GMT -5. The time now is 06:20 PM .
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know .
Latest Threads
LQ News