> I'm trying to test a LEAF Bering firewall, with just two interfaces at > present. I'm not sure if I have a routing problem, a DNS problem, or a > shorewall problem. I downloaded a tcpdump.lrp and the libp, but these > were for a 2.2 kernel series. Tcpdump works, but it appears to accumulate > a lot of traffic before it displays anything. In other words, I don't > trust it.
Since you're having DNS problems, are you using the -n switch on tcpdump, so it's not trying to resolve IP addresses before it prints? > On eth0, I have a dsl connection. eth0 is the default (route) dev. > > On eth3, I have a test machine, 192.168.8.23 OK, how do you have only eth0 and eth3 on a two interface machine? What's happened to eth1 & eth2? > The firewall on eth3 is 192.168.8.22, with the name franklin, and > 192.168.8.2, with the name dns2. Interfaces are eth3, and eth3:0. > > From the fw and from the test machine, I can ping the gateway on the dsl > connection using it's IP number. After some delay, tcpdump shows traffic > on eth0. > > If I ping by name, i.e.yahoo.com, however, there is no eth0 traffic. The > test machine can only do a lookup using dns2, which should be dnscache. > And it should pass the request up and out on eth0. What am I missing? > dnscache shows up in the process list. How can I see what requests it > gets? Sounds like you've got some sort of problem with your DNS settings. I don't know enough about Bering's default setup to be able to help you without any details regarding your configuration. Note that DNSCache is pretty paranoid, and must be setup properly or it will simply ignore DNS requests. You might try using the nslookup, dig, and host DNS debugging tools to find out what's wrong, and posting more details about your setup (ie DNSCache configration settings, contents of /etc/resolv.conf, DNS settings on your internal system, &c) would help us help you. Of course, we'll need to see even more configuration information if you've got a routing or shorewall problem...see the "how do I request help" section of the support page at the LEAF site: http://leaf-project.org/mod.php?mod=userpage&menu=11&page_id=4 Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
