Thanks all on list for your patience. I have been moving my entire household, so being focused on the firewall for more than an hour at a time has been tough. First, let me say that I will get the latest Dachstein (or other Berg) floppy burned at first opportunity. One question at this point: What are the advantages of, say, Bering on floppy compared to Dachstein? I am using an old IBM Aptiva (Pentium 1, 166 mhz, 16Mbyte RAM) which has been rock-solid (or was when on DSL back in Raleigh).
But, here is an update on this rather wierd problem. The Dachstein firewall has allowed access more-or-less continuously for several days now, since the last reboot. The "less" part has been that every so often it appears that DNS service "goes away", that is hosts become unreachable. I can still ping the firewall's gateway addr (192.168.1.254) during these periods. The lease periods on the cable side of the firewall are 4-hour leases, and the internal side of the firewall gives IP leases of 12 hours. So possible explanations include 1) temporary lease "fumbling" every 4 hours. 2) flaky, overloaded DNS servers at Charter (what a surprise...) Let me pursue a more recent Dachstein (or maybe Bering?) and see if the problem persists. Thanks again.. Erich Titl wrote: > Hello > > At 23:51 24.07.2002, you wrote: > >> On Wed, 24 Jul 2002 22:19:26 +0200 Eric Titl wrote: >> >> > Hi >> > >> > Brad Fritz wrote the following at 17:56 24.07.2002: >> > >> > >On Wed, 24 Jul 2002 11:42:17 EDT Dr. Richard W. Tibbs wrote: >> > > >> > >.......> dmesg outputs a lot of identical lines like: >> > > > Packet log: input DENY eth0 PROTO=17 10.1.20.1:67 >> 255.255.255.255:68 >> > > > L=328 S=0x0 I=414nn F=0x000 T=255 (#8) >> > > >> > >Nothing to worry about. Just a host on the eth0 side broadcasting >> > >for a DHCP lease. >> > >> > I am not sure it's that irrelevant if an external host with a 10.1.20.1 >> > broadcasts for a DHCP lease. It may be misconfigured or we may have a >> > rfc1918 network .... >> >> You're right, Erich, I probably dismissed the rfc1918 traffic too >> quickly. The output of "ip addr show eth0" would shed more light >> on the situataion. I don't have a dhclient machine handy, but I >> believe there is a status file in /etc/dhclient or /var/ somewhere >> (or output in /var/log/syslog) that gives information about what >> dhclient has done recently. That information would also help us >> understand what's going on. Dr. Tibbs did say in an earlier posting: >> >> > IPSEND=24.yyy.xxx.56 /* latest external IP via the cable modem & >> > dhcp, anonimized for our protection */ >> >> so I assumed (and we all know what that stands for) that he was >> assigned a public address. yes, the public addr is fine on the external side. ip addr eth0 show looks normal with 24.yyy.xxx.165/22 for example. > > > I think we are all living here on assumptions and the time spent on this > particular problem suggests a more problem oriented approach > > 1) unless there is specfic reason I would move to a recent dachstein > floppy (just because) > 2) we need more info as specified in > http://sourceforge.net/docman/display_doc.php?docid=1891&group_id=13751 > 3) unless I missed it the name of the ISP, someone else on the list > might have information.... > > HTH > Erich > > THINK > P�ntenstrasse 39 > 8143 Stallikon > mailto:[EMAIL PROTECTED] > PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 > > > > ------------------------------------------------------- > This sf.net email is sponsored by: Jabber - The world's fastest growing > real-time communications platform! Don't just IM. Build it in! > http://www.jabber.com/osdn/xim > ------------------------------------------------------------------------ > leaf-user mailing list: [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user > SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html > ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
