PPPoE DSL Sharing on Fedora1

Mnehwrar · 02-05-2004, 03:07 PM

ip_conntrack 28840 1 (autoclean) [ipt_state]
I do.

Also, route as in tracert from the windows box?

Tracert google.com
unable to resovle system target name google.com

JordanH · 02-05-2004, 05:21 PM

Sorry, let me be more clear. On your Fedora box there is a command called "route". It displays how your computer is directing network traffic and through which adapter. Normally, this is setup correctly automatically... however that's not always the case.

You should see a list of networks followed by gateways and associated NICs.

Mnehwrar · 02-12-2004, 01:45 PM

Code:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
adsl-155-77-1.m *               255.255.255.255 UH    0      0        0 ppp0
192.168.1.0     *               255.255.255.0   U     0      0        0 eth1
169.254.0.0     *               255.255.0.0     U     0      0        0 eth1
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         adsl-155-77-1.m 0.0.0.0         UG    0      0        0 ppp0

I dunno, I don't think its right.

JordanH · 02-13-2004, 11:12 AM

You really have me scratching my head now.

The routing looks ok.
The firewall (as of your last posting of it w/ int=eth1) looks ok.

I'm not ready to give up just yet but I'm thinking it's gotta be some small oversight.

What were the results from the tests in post #11 and #14?

Mnehwrar · 02-17-2004, 12:45 PM

[root@localhost root]# cat /var/log/messages | grep IPT
Feb 5 10:58:34 localhost kernel: IPT: EXT_FIREWALL: IN=ppp0 OUT= MAC= SRC=205.1 88.8.191 DST=68.158.206.129 LEN=566 TOS=0x00 PREC=0x00 TTL=104 ID=50448 DF PROTO =TCP SPT=5190 DPT=50263 WINDOW=16384 RES=0x00 ACK PSH URGP=0
Feb 5 10:59:06 localhost kernel: IPT: EXT_FIREWALL: IN=ppp0 OUT= MAC= SRC=205.1 88.8.191 DST=68.158.206.129 LEN=862 TOS=0x00 PREC=0x00 TTL=104 ID=35097 DF PROTO =TCP SPT=5190 DPT=50263 WINDOW=16384 RES=0x00 ACK PSH URGP=0
Feb 5 10:59:38 localhost kernel: IPT: EXT_FIREWALL: IN=ppp0 OUT= MAC= SRC=205.1 88.8.191 DST=68.158.206.129 LEN=862 TOS=0x00 PREC=0x00 TTL=104 ID=24673 DF PROTO =TCP SPT=5190 DPT=50263 WINDOW=16384 RES=0x00 ACK PSH URGP=0
Feb 5 11:22:37 localhost kernel: IPT: EXT_FIREWALL: IN=ppp0 OUT= MAC= SRC=205.1 52.144.235 DST=68.153.74.227 LEN=70 TOS=0x00 PREC=0x00 TTL=250 ID=33515 DF PROTO =UDP SPT=16073 DPT=32770 LEN=50
Feb 5 11:22:37 localhost kernel: IPT: EXT_FIREWALL: IN=ppp0 OUT= MAC= SRC=205.1 52.144.235 DST=68.153.74.227 LEN=70 TOS=0x00 PREC=0x00 TTL=250 ID=33516 DF PROTO =UDP SPT=16073 DPT=32770 LEN=50
Feb 5 11:28:17 localhost kernel: IPT: EXT_FIREWALL: IN=ppp0 OUT= MAC= SRC=211.2 44.27.149 DST=65.2.6.175 LEN=48 TOS=0x00 PREC=0x00 TTL=108 ID=48467 DF PROTO=TCP SPT=3189 DPT=4899 WINDOW=16384 RES=0x00 SYN URGP=0
Feb 17 13:33:32 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.110.252 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15289 PROTO=UDP S PT=1033 DPT=53 LEN=40
Feb 17 13:33:33 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.114.235 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15292 PROTO=UDP S PT=1033 DPT=53 LEN=40
Feb 17 13:33:34 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.114.235 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15294 PROTO=UDP S PT=1033 DPT=53 LEN=40
Feb 17 13:33:36 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.110.252 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15304 PROTO=UDP S PT=1033 DPT=53 LEN=40
Feb 17 13:33:36 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.114.235 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15305 PROTO=UDP S PT=1033 DPT=53 LEN=40
Feb 17 13:33:40 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.110.252 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15315 PROTO=UDP S PT=1033 DPT=53 LEN=40
Feb 17 13:33:40 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.114.235 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15316 PROTO=UDP S

Mnehwrar · 02-17-2004, 12:57 PM

Here is with the minimal firewall script

Feb 5 10:58:34 localhost kernel: IPT: EXT_FIREWALL: IN=ppp0 OUT= MAC= SRC=205.1 88.8.191 DST=68.158.206.129 LEN=566 TOS=0x00 PREC=0x00 TTL=104 ID=50448 DF PROTO =TCP SPT=5190 DPT=50263 WINDOW=16384 RES=0x00 ACK PSH URGP=0
Feb 5 10:59:06 localhost kernel: IPT: EXT_FIREWALL: IN=ppp0 OUT= MAC= SRC=205.1 88.8.191 DST=68.158.206.129 LEN=862 TOS=0x00 PREC=0x00 TTL=104 ID=35097 DF PROTO =TCP SPT=5190 DPT=50263 WINDOW=16384 RES=0x00 ACK PSH URGP=0
Feb 5 10:59:38 localhost kernel: IPT: EXT_FIREWALL: IN=ppp0 OUT= MAC= SRC=205.1 88.8.191 DST=68.158.206.129 LEN=862 TOS=0x00 PREC=0x00 TTL=104 ID=24673 DF PROTO =TCP SPT=5190 DPT=50263 WINDOW=16384 RES=0x00 ACK PSH URGP=0
Feb 5 11:22:37 localhost kernel: IPT: EXT_FIREWALL: IN=ppp0 OUT= MAC= SRC=205.1 52.144.235 DST=68.153.74.227 LEN=70 TOS=0x00 PREC=0x00 TTL=250 ID=33515 DF PROTO =UDP SPT=16073 DPT=32770 LEN=50
Feb 5 11:22:37 localhost kernel: IPT: EXT_FIREWALL: IN=ppp0 OUT= MAC= SRC=205.1 52.144.235 DST=68.153.74.227 LEN=70 TOS=0x00 PREC=0x00 TTL=250 ID=33516 DF PROTO =UDP SPT=16073 DPT=32770 LEN=50
Feb 5 11:28:17 localhost kernel: IPT: EXT_FIREWALL: IN=ppp0 OUT= MAC= SRC=211.2 44.27.149 DST=65.2.6.175 LEN=48 TOS=0x00 PREC=0x00 TTL=108 ID=48467 DF PROTO=TCP SPT=3189 DPT=4899 WINDOW=16384 RES=0x00 SYN URGP=0
Feb 17 13:33:32 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.110.252 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15289 PROTO=UDP S PT=1033 DPT=53 LEN=40
Feb 17 13:33:33 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.114.235 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15292 PROTO=UDP S PT=1033 DPT=53 LEN=40
Feb 17 13:33:34 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.114.235 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15294 PROTO=UDP S PT=1033 DPT=53 LEN=40
Feb 17 13:33:36 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.110.252 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15304 PROTO=UDP S PT=1033 DPT=53 LEN=40
Feb 17 13:33:36 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.114.235 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15305 PROTO=UDP S PT=1033 DPT=53 LEN=40
Feb 17 13:33:40 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.110.252 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15315 PROTO=UDP S PT=1033 DPT=53 LEN=40
Feb 17 13:33:40 localhost kernel: IPT: OUT_NETWORK: IN=eth1 OUT=ppp0 SRC=192.168 .1.30 DST=205.152.114.235 LEN=60 TOS=0x00 PREC=0x00 TTL=127 ID=15316 PROTO=UDP S PT=1033 DPT=53 LEN=40

JordanH · 02-18-2004, 07:58 PM

Looking at your posts tells me that on Feb 17, some connections were being forwarded to the internet... Since I don't see anything other than destination port 53, I'm assuming you never were able to resolve the domain names and hence were unable to complete a connection.

On Feb. 5 those entries are being blocked legitametly since your firewall is not configured to allow those ports - this is a good thing.

With the open firewall, were you able to browse the net?

Mnehwrar · 02-26-2004, 02:15 PM

I installed Mandrake 9.2 and now everything works fine. Thanks for all of your trouble though.

JordanH · 03-01-2004, 06:28 PM

Well... It's odd that RedHat didn't work for you (heh, after all, I wrote that on Fedora & RedHat) but hey! I'm just glad you got it working.

Keep it secure.

J.