*** This now works *** See my post further down for more info!

I am an avid techie with over 10 years computer experience. However, this is all Windows-based. I am venturing into Linux world with Mandrake (a newbie!) and would like some help setting up my Verizon DSL in Mandrake. Works fine in Windows! Sorry this is long, but didn't want to miss any relevant details. Thanks for everyone who helps in advance!

Specs:
OS: Mandrake Community 10.0
Ethernet card: ADMTek, PCI, ADM983 Linksys EtherFast 10/100
DSL Modem: Westell Wirespeed B90-210015-04 (2100 MODEL)
Provider: Verizon - 1.5 mbps / 128 kbps
Location: Perkasie, PA (Eastern PA)Untitled 2
Software: Roaring Penguin client 3.5

I have configured this as described in RP's "How to Connect" document. I have:
* Installed the rp-pppoe-3.5 software (no problems)
* Set up ethernet hardware ("ifconfig eth0" displays HW address, etc.)
* Edited PAP-SECRETS and CHAP-SECRETES with user & pswd
* Edited pppoe.conf
* Setup 2 DNS servers in /etc/resolv.conf
* Set up the firewall (more on this below - one error)

With Roaring Penguin's GUI, (./go-gui), clicking the "START" button very quickly turns the two red lights green. I assume this means there is a connection - but
to what???
I have configured this gui with:
* Verizon username & password
* Ethernet interface (eth0)
* Primary & Secondary DNS (used the ones I pick up if connecting from Windows)
* Checked "Allow use by non-root users"
* Checked "Use synchronous PPP"
* Firewalling is STANDALONE
* Advanced: Service-name & AC-name are blank
After doing this (Starting the connection from the GUI), trying to load a web page yeilds:
"An error occurred while loading nytimes.com/:
Unknown host nytimes.com"

QUESTION: What order do I have to run things (rp-pppoe, firewall, internet connection...) to get online???

I have an error with the firewall config which I have not been able to resolve. The script is at the end of this post. I find it hard to believe that one line not working could be the entire cause of my connectivity issues??? When I run the firewall with "sh /etc/rc.d/init.d/firewall start" command. Appart from the error given below in the script, it executes fine. However, even after executing my firewall script, I still get the "unknown host" error when loading a web page in a browser.
I've also poked around in the Mandrake Control Center > Network & Internet
Manage Connections shows:
1 profile: default
TCP/IP is DHCP
IP address, Netmask & Gateway are all BLANK.
DNS servers are specified - "Search Domain" says "none"
Options:
* Start at boot: NOT checked (from what I read in docs, I think this is right)
* Track Network card ID: NOT checked
* Network Hotplugging: CHECKED
Information:
Vendor: ADMtek
Description: ADM983 Linksys EtherFast 10/100
Media class: NETWORK_ETHERNET
Mac Address: 00:04:5a:7e:ee:12
Bus: PCI

Mandrake Control Center > Intenet Access
This section is blank except for one DNS server. When I try to fill it in, and click ok, upon coming back to this page it is blank. Does not seem to want to save information. Even as root.

Mandrake Control Center > Monitor Connections
This section shows four tabs: eth0, sit0, ppp0, ppp1
If I click "Connect" it says "Connecting to internet....." and finally:
"Configuration failed - check your configuration in the Mandrake control center."

I've also gleaned, from the Windows side (don't know if any of this is useful):
* Sever type: ppp
* Authentication: PAP
* Transports: TCP/IP
* Compression: none
* PP multilink framing: off
Regarding the Windows Ethernet LAN connection:
* DHCP: yes
* IP 169.254.57.59
* Subnet 255.255.0.0
* Gateway & DNS Servers both blank

I can post other config files later if anyone asks for them. I'm not sure which ones might be useful.

Here's my firewall script.

### FIREWALL SCRIPT FOLLOWS - NOTE ERROR ###
#!/bin/bash

inet=`ifconfig | grep -A1 eth0 | grep -v eth0 | awk '{ print $2 }' | awk -F: '{ print $2 }'`

## FLUSH TABLES
/sbin/iptables -v -t nat -F
/sbin/iptables -v -t filter -F
/sbin/iptables -v -t nat -X
/sbin/iptables -v -t filter -X
/sbin/iptables -v -t nat -Z
/sbin/iptables -v -t filter -Z

## RULES

# These lines are so that you don't lock yourself out of your own network/net connection. leave them in.
/sbin/iptables -v -t filter -A INPUT -i lo -j ACCEPT
/sbin/iptables -v -t filter -A INPUT -i eth1 -s 192.168.0.0/24 -j ACCEPT
/sbin/iptables -v -t filter -A FORWARD -i eth1 -s 192.168.0.0/24 -j ACCEPT

####################################################################
# PROBLEM WITH BELOW LINES. ONLY ONE IS NEEDED.
# - BOTH SHOULD DO SAME THING, BUT NEITHER WORK.
# RESPECTIVE ERROR MESSAGES FOLLOW EACH LINE#
# ATTEMPT #1
# /sbin/iptables -v -t nat -A POSTROUTING -s 192.168.0.0/24 -j SNAT --to-source $inet
# Above line gives error: iptables v1.2.9: Unknown arg `--to-source'
# However, other times I've gotten an error message that --to-source is needed!!!
#
# ATTEMPT #2
# /sbin/iptables -v -t nat -A POSTROUTING -o $INET -j MASQUERADE
# Above line gives error: Warning: wierd character in interface `-j' (No aliases, :, ! or *).
# Bad argument `MASQUERADE'
#
#
# This entire script came from forum examples
# All the rest of this firewall script executes with no errors.
####################################################################

# The next line is for port forwarding. if you need it then change the ports and ip address to suit your system.
# /sbin/iptables -v -t nat -A PREROUTING -i eth0 -p tcp --dport 8888 -j DNAT --to-destination 192.168.0.5:80
# NOTE: I HAVE NOT ALTERED ABOVE LINE - SHOULD I?


# The next two lines are for allowing incoming FTP and SSH respectively, uncomment if you need it.
# /sbin/iptables -v -t filter -A INPUT -i eth0 -p tcp --dport 21 -j ACCEPT
# /sbin/iptables -v -t filter -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT


# This line allows incoming ping requests.
/sbin/iptables -v -t filter -A INPUT -i eth0 $icmp -j ACCEPT


# These lines are probably the most important for security - don't change them.
/sbin/iptables -v -t filter -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -v -t filter -A INPUT -i eth0 -m state --state NEW -j REJECT --reject-with icmp-host-unreachable

Hi I am running Mandrake 9.1 and connect to Verizon DSL through a router.
But I also am new to Linux,been running it for about 5 months now. When I first
installed it, Shorewall was installed in the installation. And was installed secure.
I could not get a connection to the Internet. When I ran shore-wall stop from a
terminal as root. I could then connect. So I edited the way the ip chains were
in /etc/shorewall. I did'nt recognize the script that you posted. As I tried to
compare it to my configuration,to see if I could help. If there is anything I
can look at,since we have a similar setup. Let me know. Or if there is anything
else I can do to help. I also am coming from the windows side. 6yrs and a A+
Cert. But Linux is a lot different. Good luck,and let me know if I can help.
A. Gallina

A. Gallina - thanks for that info! Stopping shorewall did the trick. I can now get online in Linux. I really appreciate it - as I hammered for days on different configs.

I am writing this from Windows, since I had no security in Linux. I really don't want to get "owned."

Now I need to set about getting my firewall & shorewall properly configured. Any advice on those? I had the firewall config from my original post - but didn't work. I tried running it, once I was online, but that then prevented me from getting on the internet. Apparently both my shorewall & firewall are two tightly secured - and with either active, I can't get online.

Any advice on shorewall & firewall configs? Anyone want to post examples? Thanks!!!

- Jonathan

1 members found this post helpful.

I sure hope some one with more knowledge than I have picks up this thread. I tried posting about this about 4 months ago and was told to use a router with a firewall.
And not worry about as Linux is secure,(in a different forum than this one.)
I am not sure about the legality of using a router to pull the IP and then having the router act as a DNS server,in PA.
I would check the Verizon Terms Of Service.
Then ckeck this link for your state.
http://www.freedom-to-tinker.com/superdmca.html
Just to be aware of what you are doing.
I got my info for configuring shorewall here.
http://shorewall.sourceforge.net/

A. Gallina

A. Gallina - thanks again! Won't need anyone else to pick up this thread now, I am online in Linux, and secure. Your shorewall link was a great help. I spent a couple hours reading & digesting the info - and about 15 minutes installing & configuring. Just ran a security test from dslreports.org, and came up clean. Thanks again!!! (Not such a newbie anymore...perhaps...)
- Jonathan

my verizon online dsl does not like my mandrake linux 10.0 either, i read and digested the shorewall website and first configured shorewall on my computer and then turing it off completely. in verbuse mode, attempts to bing eth0 online fail. i have a dualboot with linux and xp and i cannot get internet on XP either so i suspect hardware. as for that i have an ESC k7vta3 sockect A with a built in eather net adapter. i was in a PC building class and the other person with the same motherboard reported much the same issues. If it is an OS issue, how can i change it, or ID it as being a linux/XP issue? If not, any ideas besides getting a now adapter PCI card or new mother board?

help is greatly appriciated


if anyone reads this

1 members found this post helpful.

i tried the command ifup and it responded that eth0 wasn't working

1 members found this post helpful.

asi0917 -

I doubt you have a problem with XP if you are booting into Linux. Unless your onboard ethernet adapter is like a "Winmodem" - which means it would partly be software based. You would have to get in touch with your manufacturer (ecsusa.com) to find out. If it *is* partly software based - and only works with Windows, then you'll need to buy a separate ethernet adapter. A new adapter should be VERY easy to setup in XP, and many new ones should work with Mandrake. Again, check the HCL links below before buying. Should be cheap - I'd say $10-$15 starting price - more if you want bells & whistles but there's not much point. Stick to a brand you've heard of or one with good warranty.

Some of my preferred sites for price checking:

www.ebay.com
www.nextag.com (ad based but great)
www.pricewatch.com (ditto)

You can use the following pages to do a little research on what hardware (including motherboards) is compatible with Mandrake 10:

http://www.linux-mandrake.com/en/fhard.php3

I did a quick search on yours but unfortunately it was not listed. Some other ones by ESC (pick "Elitegroup" as manufacturer - http://www.ecsusa.com).

Here are some other links that may be of use - (you can search Google.com for "linux hardware compatibility" or "mandrake hardware compatibility".)

http://www.tldp.org/HOWTO/Hardware-HOWTO/
http://hardware.redhat.com/hcl/ (For Red Hat but may be very similar to what works with Mandrake.)
http://www.linux.org/hardware/
http://www.linuxquestions.org/hcl/index.php (This site!)

The list goes on . . . I'll let you do more searching.

Curious to know what you find!

I suppose you've also read/tried the rest of what's in this page from my issues? Config files, etc. are important!!!

Hey, maybe you've already gotten it by now...wo-hoo!

Let us know how it goes...
- Jonathan

1 members found this post helpful.

i baught a new ethernet network adapter! (garage sale 5$)

and i've confered with others

turns out my built it network adapter isn't Dhcp enabled but my garage sale find is

under a command line prompt i used "ipconfig /release "Local Area Connection 1"" and "ipconfig /renew "Local Area Connection 1" in XP

and i don't know because i wasn't connected to the modem *sigh*

i will try with the modem connected and let you know latter

1 members found this post helpful.

asi0917 -

Sounds like you are almost there!

I can smell the electrons zinging into your LINUX connection .....

Let us know what comes next!

The supense!!!

- Jonathan

1 members found this post helpful.