Slackware This Forum is for the discussion of Slackware Linux.
|
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
|
04-24-2006, 10:14 PM
|
#16
|
Member
Registered: Jan 2006
Location: Macomb, IL
Distribution: Slackware 13.1
Posts: 152
Original Poster
Rep:
|
Ok so heres the deal. I reinstalled slackware and set up the DHCP server. I ran the firewall script and my client machines can ping both interfaces on my server and outside sites. However my client machines can't connect ftp or telnet to anything. here is my ifconfig output.
eth0 Link encap:Ethernet HWaddr 00:01:03:3B:FE:AB
inet addr:69.44.25.251 Bcast:69.44.25.255 Mask:255.255.255.192
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
RX packets:26 errors:0 dropped:0 overruns:0 frame:0
TX packets:13 errors:0 dropped:0 overruns:0 carrier:1
collisions:0 txqueuelen:1000
RX bytes:6884 (6.7 Kb) TX bytes:2769 (2.7 Kb)
Interrupt:10 Base address:0xdc00
eth1 Link encap:Ethernet HWaddr 00:01:03:C1:F6:33
inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:277 errors:0 dropped:0 overruns:0 frame:0
TX packets:167 errors:0 dropped:0 overruns:0 carrier:1
collisions:0 txqueuelen:1000
RX bytes:22108 (21.5 Kb) TX bytes:13091 (12.7 Kb)
Interrupt:11 Base address:0xe400
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
|
|
|
04-25-2006, 01:17 PM
|
#17
|
Member
Registered: Jan 2006
Location: Macomb, IL
Distribution: Slackware 13.1
Posts: 152
Original Poster
Rep:
|
Any help???
|
|
|
04-25-2006, 02:52 PM
|
#18
|
Moderator
Registered: Apr 2002
Location: earth
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
|
Based on the info you're providing? Nope.
Please post the output of "iptables -L" in code-tags.
And don't bump your posts before 24 hours are up, that's one
of LQs few rules.
Cheers,
Tink
|
|
|
04-25-2006, 04:09 PM
|
#19
|
Member
Registered: Jan 2006
Location: Macomb, IL
Distribution: Slackware 13.1
Posts: 152
Original Poster
Rep:
|
iptables -L
Code:
Chain BAD_IP (7 references)
target prot opt source destination
LOG all -- anywhere anywhere limit: avg 1/sec burst 3 LOG level error prefix `IPT: BAD IP: '
DROP all -- anywhere anywhere
Chain EXT_FIREWALL (1 references)
target prot opt source destination
DROP all -- anywhere anywhere state INVALID
SPOOF all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:http state NEW
LOG all -- anywhere anywhere limit: avg 1/sec burst 3 LOG level error prefix `IPT: EXT_FIREWALL: '
DROP all -- anywhere anywhere
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
INT_FIREWALL all -- anywhere anywhere
EXT_FIREWALL all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
IN_NETWORK all -- anywhere anywhere
OUT_NETWORK all -- anywhere anywhere
Chain INT_FIREWALL (1 references)
target prot opt source destination
DROP all -- anywhere anywhere state INVALID
ACCEPT all -- anywhere anywhere
Chain IN_NETWORK (1 references)
target prot opt source destination
DROP all -- anywhere anywhere state INVALID
SPOOF all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
LOG all -- anywhere anywhere limit: avg 1/sec burst 3 LOG level error prefix `IPT: IN_NETWORK: '
DROP all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain OUT_NETWORK (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
LOG all -- anywhere anywhere limit: avg 1/sec burst 3 LOG level error prefix `IPT: OUT_NETWORK: '
DROP all -- anywhere anywhere
Chain SPOOF (2 references)
target prot opt source destination
BAD_IP all -- 0.0.0.0/8 anywhere
BAD_IP all -- 10.0.0.0/8 anywhere
BAD_IP all -- loopback/8 anywhere
BAD_IP all -- 169.254.0.0/16 anywhere
BAD_IP all -- 172.16.0.0/12 anywhere
BAD_IP all -- 192.168.0.0/16 anywhere
BAD_IP all -- 255.255.255.255 anywhere
|
|
|
04-28-2006, 11:59 PM
|
#20
|
Member
Registered: Jan 2006
Location: Macomb, IL
Distribution: Slackware 13.1
Posts: 152
Original Poster
Rep:
|
Problem solved. It wasn't a problem with the firewall or masquerading but I didnt set up any DNS server for the home network so I am just using ISP's for now until I can figure it out.
|
|
|
04-29-2006, 01:17 AM
|
#21
|
LQ Guru
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678
Rep:
|
I'd suggest that DNS servers are more difficult to set up than a generic firewall script, so unless you particularly need to use one on your netwoek, stick with the ISP's and use your hosts files for home.
|
|
|
04-29-2006, 03:18 AM
|
#22
|
Moderator
Registered: Apr 2002
Location: earth
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
|
Quote:
Originally Posted by barn63
Problem solved. It wasn't a problem with the firewall or masquerading but I didnt set up any DNS server for the home network so I am just using ISP's for now until I can figure it out.
|
I'm confused ... who or what did you ping how without
name resolution?
Cheers,
Tink
|
|
|
04-29-2006, 03:38 AM
|
#23
|
Senior Member
Registered: Feb 2006
Location: Seattle, WA: USA
Distribution: Slackware 11.0
Posts: 1,191
Rep:
|
Quote:
Problem solved. It wasn't a problem with the firewall or masquerading but I didnt set up any DNS server for the home network so I am just using ISP's for now until I can figure it out.
|
I would suggest using dnsmasq. It works great for setting up a basic router. It works as a dhcp server with basic dns caching and other nifty dns features. Just edit the /etc/dnsmasq.conf to set up your rules and make /etc/rc.d/rc.dnsmasq executable to run it.
regards,
...drkstr
|
|
|
All times are GMT -5. The time now is 12:33 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|