This is my first time on this list, so please be gentle. :)

After reading all the docs, previewing the logs, and lurking on this list for 
a while I finally decided to try Bering. My goal is to get the 
three-interfaces setup on Shorewall along with the pptp server to allow 
access to the DMZ from both the Loc and Net zones. Leaving aside pptp for 
now, I've managed to get Bering working with my three NICs, dispensing IPs on 
eth1 (loc) and eth2 (dmz) w/ dhcp, and picking up a dynamic ip with pump on 
eth0 (net). 

But that's as far as I've got. So far I can't ping out from the Bering machine 
with shorewall started, getting this error:

# ping
PING ( 56 data bytes
ping: sendto: Operation not permitted

which I've identified as most likely being routing related. Similarly, I can't 
ping machines on the loc or dmz subnets, i.e.:

# ping
PING ( 56 data bytes
ping: sendto: Operation not permitted

Finally, I can't ping the bering box from either the dmz or loc subnets - 
attempts to do so just time out. 

When I try these tests with shorewall turned off I can ping the machines on 
the loc and dmz networks from the bering box, and ping the bering box from 
said networks, but can't ping out to the Net at large attempts to do so 
result in:

# ping
ping: unknown host

Trying to ping the Net at large from the bering box gives me this error:

# ping
ping: Host name lookup failure

When I ping the bering box from the Net I get zero results - it just times 

Most frustratingly, no messages appear in the logs on the Bering machine when 
I try any of the above. I can see that DNS resolution only occurs when 
shorewall is up and that shorewall is blocking ping probes, but can't 
pinpoint where that problem stems from.

My main concern is that I would like to be able to debug this myself and don't 
know where to start. My first instinct is to reach for tcpdump, but it's not 
available on Bering. Given that I copied the three-interfaces file set for 
shorewall and otherwise followed the Installation guide more or less exactly 
I'd rather not just dump all my .conf files on this list - but can anyone 
give me any advice on where to start debugging this otherwise?

There are only two suspicious things I can see with the LRP load sequence:
1) when booting, shorewall gives me this error: .: Can't open 
2) ip addr show lists the first interface as lo, the third, fourth, and five 
interface as eth 0, eth1, and eth 2 respectively, but the second interface is 
listed as dummy0, with no inet or brd addresses. What does this mean?

Thanks for any and all help,

This email is sponsored by:
With Great Power, Comes Great Responsibility 
Learn to use your power at OSDN's High Performance Computing Channel
leaf-user mailing list: [EMAIL PROTECTED]

Reply via email to