I think this is the problem >>LRP=root,dhcpd,etc,local,modules,iptables,shorwall,dnscache,weblet
Not enough packages there by the look of it.., You said you have a DSL modem.. you should use the PPPOE package to get online... See: Adding a new package http://leaf.sourceforge.net/devel/jnilo/biaddrm.html#AEN637 Then See: PPPOE.lrp http://leaf.sourceforge.net/devel/jnilo/bipack1.html#AEN1050 ----- Original Message ----- From: "Jeremy A Tourville" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, January 24, 2003 4:03 PM Subject: Re: [leaf-user] Trouble getting to the Web (2nd time) > OK, second attempt. Upon following Ray's advice I did some ping testing. > (BTW, thanks for the reminder about the FAQ section) I am gettiing a > type 1 ping error when I try to ping my gateway from my router console. > I am able to ping both interfaces on the router successfully from my > internal client. If I substitute the router for my already working Red > Hat system I am able to ping my gateway just fine so I feel pretty > confident the problem is with my router configuration. My other questions > is what other diagnostic info is needed? <You provided some of what we > need to see, but not all.> I looked at the section about posting > diagnostics. I was unable to get the diagnostics for any of the IP > masqerading sections. (when I typed in the commands that were listed in > that section I get a message back (file):not found. So IP masqerading is > not installed?) > My ISP has assigned me the following with a DSL Modem: > > >Static IP 66.202.48.231 > > >Gateway 66.202.48.1 > > >DNS 216.47.224.66 and 216.47.224.48 > > >My Windows 9x clients are set to obtain IP address automatically and > use DHCP for WINS resoloution > > Below is all the diagnostics I was able to obtain following the examples > given > > > Jan 22 21:58:09 firewall syslogd 1.3-3#31.slink1: restart. > Jan 22 21:58:09 firewall kernel: klogd 1.3-3#31.slink1, log source = > /proc/kmsg started. > Jan 22 21:58:09 firewall kernel: Cannot find map file. > Jan 22 21:58:09 firewall kernel: Loaded 9 symbols from 6 modules. > Jan 22 21:58:09 firewall kernel: Linux version 2.4.18 (root@uml_woody) > (gcc version 2.95.4 20011002 (Debian prerelease)) #1 Sun Nov 10 17:40:20 > UTC 2002 > Jan 22 21:58:09 firewall kernel: BIOS-provided physical RAM map: > Jan 22 21:58:09 firewall kernel: BIOS-88: 0000000000000000 - > 000000000009f000 (usable) > Jan 22 21:58:09 firewall kernel: BIOS-88: 0000000000100000 - > 0000000001000000 (usable) > Jan 22 21:58:09 firewall kernel: On node 0 totalpages: 4096 > Jan 22 21:58:09 firewall kernel: zone(0): 4096 pages. > Jan 22 21:58:09 firewall kernel: zone(1): 0 pages. > Jan 22 21:58:09 firewall kernel: zone(2): 0 pages. > Jan 22 21:58:09 firewall kernel: Kernel command line: BOOT_IMAGE=linux > initrd=initrd.lrp init=/linuxrc root=/dev/ram0 boot=/dev/fd0u1680:msdos > PKGPATH=/dev/fd0u1680 > LRP=root,dhcpd,etc,local,modules,iptables,shorwall,dnscache,weblet > Jan 22 21:58:09 firewall kernel: Initializing CPU#0 > Jan 22 21:58:09 firewall kernel: Console: colour VGA+ 80x25 > Jan 22 21:58:09 firewall kernel: Calibrating delay loop... 33.17 BogoMIPS > > Jan 22 21:58:09 firewall kernel: Memory: 13916k/16384k available (907k > kernel code, 2080k reserved, 232k data, 60k init, 0k highmem) > Jan 22 21:58:09 firewall kernel: Checking if this processor honours the > WP bit even in supervisor mode... Ok. > Jan 22 21:58:09 firewall kernel: Dentry-cache hash table entries: 2048 > (order: 2, 16384 bytes) > Jan 22 21:58:09 firewall kernel: Inode-cache hash table entries: 1024 > (order: 1, 8192 bytes) > Jan 22 21:58:09 firewall kernel: Mount-cache hash table entries: 512 > (order: 0, 4096 bytes) > Jan 22 21:58:09 firewall kernel: Buffer-cache hash table entries: 1024 > (order: 0, 4096 bytes) > Jan 22 21:58:09 firewall kernel: Page-cache hash table entries: 4096 > (order: 2, 16384 bytes) > Jan 22 21:58:09 firewall kernel: CPU: Intel 486 DX/2 stepping 05 > Jan 22 21:58:09 firewall kernel: Checking 'hlt' instruction... OK. > Jan 22 21:58:09 firewall kernel: POSIX conformance testing by UNIFIX > Jan 22 21:58:09 firewall kernel: PCI: System does not support PCI > Jan 22 21:58:09 firewall kernel: Linux NET4.0 for Linux 2.4 > Jan 22 21:58:09 firewall kernel: Based upon Swansea University Computer > Society NET3.039 > Jan 22 21:58:09 firewall kernel: Initializing RT netlink socket > Jan 22 21:58:09 firewall kernel: Starting kswapd > Jan 22 21:58:09 firewall kernel: pty: 256 Unix98 ptys configured > Jan 22 21:58:09 firewall kernel: Serial driver version 5.05c (2001-07-08) > with MANY_PORTS SHARE_IRQ DETECT_IRQ SERIAL_PCI enabled > Jan 22 21:58:09 firewall kernel: ttyS00 at 0x03f8 (irq = 4) is a 16450 > Jan 22 21:58:09 firewall kernel: ttyS01 at 0x02f8 (irq = 3) is a 16450 > Jan 22 21:58:09 firewall kernel: Software Watchdog Timer: 0.05, timer > margin: 60 sec > Jan 22 21:58:09 firewall kernel: block: 64 slots per queue, batch=16 > Jan 22 21:58:09 firewall kernel: RAMDISK driver initialized: 16 RAM disks > of 4096K size 1024 blocksize > Jan 22 21:58:09 firewall kernel: Floppy drive(s): fd0 is 1.44M > Jan 22 21:58:09 firewall kernel: FDC 0 is an 8272A > Jan 22 21:58:09 firewall kernel: NET4: Linux TCP/IP 1.0 for NET4.0 > Jan 22 21:58:09 firewall kernel: IP Protocols: ICMP, UDP, TCP, IGMP > Jan 22 21:58:09 firewall kernel: IP: routing cache hash table of 512 > buckets, 4Kbytes > Jan 22 21:58:09 firewall kernel: TCP: Hash tables configured (established > 1024 bind 1024) > Jan 22 21:58:09 firewall kernel: Linux IP multicast router 0.06 plus > PIM-SM > Jan 22 21:58:09 firewall kernel: ip_conntrack version 2.0 (128 buckets, > 1024 max) - 312 bytes per conntrack > Jan 22 21:58:09 firewall kernel: ip_tables: (C) 2000-2002 Netfilter core > team > Jan 22 21:58:09 firewall kernel: NET4: Unix domain sockets 1.0/SMP for > Linux NET4.0. > Jan 22 21:58:09 firewall kernel: RAMDISK: Compressed image found at block > 0 > Jan 22 21:58:09 firewall kernel: Freeing initrd memory: 401k freed > Jan 22 21:58:09 firewall kernel: VFS: Mounted root (minix filesystem). > Jan 22 21:58:09 firewall kernel: Freeing unused kernel memory: 60k freed > Jan 22 21:58:09 firewall kernel: eth0: 3c5x9 at 0x320, 10baseT port, > address 00 20 af a7 0e 71, IRQ 11. > Jan 22 21:58:09 firewall kernel: 3c509.c:1.18a [EMAIL PROTECTED] > Jan 22 21:58:09 firewall kernel: http://www.scyld.com/network/3c509.html > Jan 22 21:58:09 firewall kernel: eth1: 3c5x9 at 0x300, 10baseT port, > address 00 20 af bc 1d d8, IRQ 10. > Jan 22 21:58:09 firewall kernel: 3c509.c:1.18a [EMAIL PROTECTED] > Jan 22 21:58:09 firewall kernel: http://www.scyld.com/network/3c509.html > Jan 22 21:58:09 firewall kernel: CSLIP: code copyright 1989 Regents of > the University of California > Jan 22 21:58:09 firewall kernel: eth0: Setting Rx mode to 1 addresses. > Jan 22 21:58:09 firewall kernel: eth1: Setting Rx mode to 0 addresses. > Jan 22 21:58:09 firewall kernel: eth1: Setting Rx mode to 1 addresses. > Jan 22 21:58:09 firewall kernel: spurious 8259A interrupt: IRQ7. > Jan 22 21:58:44 firewall root: Shorewall Started > > 1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue > link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 > inet 127.0.0.1/8 brd 127.255.255.255 scope host lo > 2: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop > link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff > 3: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100 > link/ether 00:20:af:a7:0e:71 brd ff:ff:ff:ff:ff:ff > inet 66.202.48.231/24 brd 66.202.48.255 scope global eth0 > 4: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100 > link/ether 00:20:af:bc:1d:d8 brd ff:ff:ff:ff:ff:ff > inet 192.168.1.254/24 brd 192.168.1.255 scope global eth1 > > 66.202.48.0/24 dev eth0 proto kernel scope link src 66.202.48.231 > 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.254 > default via 66.202.48.1 dev eth0 > > Chain INPUT (policy DROP 0 packets, 0 bytes) > pkts bytes target prot opt in out source > destination > 0 0 ACCEPT ah -- lo * 0.0.0.0/0 > 0.0.0.0/0 > 0 0 eth0_in ah -- eth0 * 0.0.0.0/0 > 0.0.0.0/0 > 0 0 eth1_in ah -- eth1 * 0.0.0.0/0 > 0.0.0.0/0 > 0 0 common ah -- * * 0.0.0.0/0 > 0.0.0.0/0 > 0 0 LOG ah -- * * 0.0.0.0/0 > 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:INPUT:REJECT:' > 0 0 reject ah -- * * 0.0.0.0/0 > 0.0.0.0/0 > > Chain FORWARD (policy DROP 0 packets, 0 bytes) > pkts bytes target prot opt in out source > destination > 0 0 eth0_fwd ah -- eth0 * 0.0.0.0/0 > 0.0.0.0/0 > 0 0 eth1_fwd ah -- eth1 * 0.0.0.0/0 > 0.0.0.0/0 > 0 0 common ah -- * * 0.0.0.0/0 > 0.0.0.0/0 > 0 0 LOG ah -- * * 0.0.0.0/0 > 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:FORWARD:REJECT:' > > 0 0 reject ah -- * * 0.0.0.0/0 > 0.0.0.0/0 > > Chain OUTPUT (policy DROP 0 packets, 0 bytes) > pkts bytes target prot opt in out source > destination > 0 0 DROP icmp -- * * 0.0.0.0/0 > 0.0.0.0/0 state INVALID > 0 0 ACCEPT ah -- * lo 0.0.0.0/0 > 0.0.0.0/0 > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 > 0.0.0.0/0 state NEW,RELATED,ESTABLISHED > 0 0 fw2net ah -- * eth0 0.0.0.0/0 > 0.0.0.0/0 > 0 0 all2all ah -- * eth1 0.0.0.0/0 > 0.0.0.0/0 > 0 0 common ah -- * * 0.0.0.0/0 > 0.0.0.0/0 > 0 0 LOG ah -- * * 0.0.0.0/0 > 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:OUTPUT:REJECT:' > 0 0 reject ah -- * * 0.0.0.0/0 > 0.0.0.0/0 > > Chain all2all (2 references) > pkts bytes target prot opt in out source > destination > 0 0 ACCEPT ah -- * * 0.0.0.0/0 > 0.0.0.0/0 state RELATED,ESTABLISHED > 0 0 newnotsyn tcp -- * * 0.0.0.0/0 > 0.0.0.0/0 state NEW tcp flags:!0x16/0x02 > 0 0 common ah -- * * 0.0.0.0/0 > 0.0.0.0/0 > 0 0 LOG ah -- * * 0.0.0.0/0 > 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:all2all:REJECT:' > > 0 0 reject ah -- * * 0.0.0.0/0 > 0.0.0.0/0 > > Chain common (5 references) > pkts bytes target prot opt in out source > destination > 0 0 icmpdef icmp -- * * 0.0.0.0/0 > 0.0.0.0/0 > 0 0 DROP tcp -- * * 0.0.0.0/0 > 0.0.0.0/0 state INVALID > 0 0 REJECT udp -- * * 0.0.0.0/0 > 0.0.0.0/0 udp dpts:137:139 reject-with icmp-port-unreachable > 0 0 REJECT udp -- * * 0.0.0.0/0 > 0.0.0.0/0 udp dpt:445 reject-with icmp-port-unreachable > 0 0 reject tcp -- * * 0.0.0.0/0 > 0.0.0.0/0 tcp dpt:135 > 0 0 DROP udp -- * * 0.0.0.0/0 > 0.0.0.0/0 udp dpt:1900 > 0 0 DROP ah -- * * 0.0.0.0/0 > 255.255.255.255 > 0 0 DROP ah -- * * 0.0.0.0/0 > 224.0.0.0/4 > 0 0 reject tcp -- * * 0.0.0.0/0 > 0.0.0.0/0 tcp dpt:113 > 0 0 DROP udp -- * * 0.0.0.0/0 > 0.0.0.0/0 udp spt:53 state NEW > 0 0 DROP ah -- * * 0.0.0.0/0 > 66.202.255.255 > 0 0 DROP ah -- * * 0.0.0.0/0 > 192.168.1.255 > > Chain dynamic (4 references) > pkts bytes target prot opt in out source > destination > > Chain eth0_fwd (1 references) > pkts bytes target prot opt in out source > destination > 0 0 dynamic ah -- * * 0.0.0.0/0 > 0.0.0.0/0 > 0 0 rfc1918 ah -- * * 0.0.0.0/0 > 0.0.0.0/0 > 0 0 net2all ah -- * eth1 0.0.0.0/0 > 0.0.0.0/0 > > Chain eth0_in (1 references) > pkts bytes target prot opt in out source > destination > 0 0 dynamic ah -- * * 0.0.0.0/0 > 0.0.0.0/0 > 0 0 rfc1918 ah -- * * 0.0.0.0/0 > 0.0.0.0/0 > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 > 0.0.0.0/0 icmp type 8 > 0 0 net2all ah -- * * 0.0.0.0/0 > 0.0.0.0/0 > > Chain eth1_fwd (1 references) > pkts bytes target prot opt in out source > destination > 0 0 dynamic ah -- * * 0.0.0.0/0 > 0.0.0.0/0 > 0 0 loc2net ah -- * eth0 0.0.0.0/0 > 0.0.0.0/0 > > Chain eth1_in (1 references) > pkts bytes target prot opt in out source > destination > 0 0 dynamic ah -- * * 0.0.0.0/0 > 0.0.0.0/0 > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 > 0.0.0.0/0 icmp type 8 > 0 0 loc2fw ah -- * * 0.0.0.0/0 > 0.0.0.0/0 > > Chain fw2net (1 references) > pkts bytes target prot opt in out source > destination > 0 0 ACCEPT ah -- * * 0.0.0.0/0 > 0.0.0.0/0 state RELATED,ESTABLISHED > 0 0 newnotsyn tcp -- * * 0.0.0.0/0 > 0.0.0.0/0 state NEW tcp flags:!0x16/0x02 > 0 0 ACCEPT tcp -- * * 0.0.0.0/0 > 0.0.0.0/0 state NEW tcp dpt:53 > 0 0 ACCEPT udp -- * * 0.0.0.0/0 > 0.0.0.0/0 state NEW udp dpt:53 > 0 0 ACCEPT ah -- * * 0.0.0.0/0 > 0.0.0.0/0 > > Chain icmpdef (1 references) > pkts bytes target prot opt in out source > destination > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 > 0.0.0.0/0 icmp type 8 > > Chain loc2fw (1 references) > pkts bytes target prot opt in out source > destination > 0 0 ACCEPT ah -- * * 0.0.0.0/0 > 0.0.0.0/0 state RELATED,ESTABLISHED > 0 0 newnotsyn tcp -- * * 0.0.0.0/0 > 0.0.0.0/0 state NEW tcp flags:!0x16/0x02 > 0 0 ACCEPT tcp -- * * 0.0.0.0/0 > 0.0.0.0/0 state NEW tcp dpt:22 > 0 0 ACCEPT udp -- * * 0.0.0.0/0 > 0.0.0.0/0 state NEW udp dpt:53 > 0 0 ACCEPT tcp -- * * 0.0.0.0/0 > 0.0.0.0/0 state NEW tcp dpt:80 > 0 0 all2all ah -- * * 0.0.0.0/0 > 0.0.0.0/0 > > Chain loc2net (1 references) > pkts bytes target prot opt in out source > destination > 0 0 ACCEPT ah -- * * 0.0.0.0/0 > 0.0.0.0/0 state RELATED,ESTABLISHED > 0 0 newnotsyn tcp -- * * 0.0.0.0/0 > 0.0.0.0/0 state NEW tcp flags:!0x16/0x02 > 0 0 ACCEPT ah -- * * 0.0.0.0/0 > 0.0.0.0/0 > > Chain logdrop (27 references) > pkts bytes target prot opt in out source > destination > 0 0 LOG ah -- * * 0.0.0.0/0 > 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:rfc1918:DROP:' > 0 0 DROP ah -- * * 0.0.0.0/0 > 0.0.0.0/0 > > Chain net2all (2 references) > pkts bytes target prot opt in out source > destination > 0 0 ACCEPT ah -- * * 0.0.0.0/0 > 0.0.0.0/0 state RELATED,ESTABLISHED > 0 0 newnotsyn tcp -- * * 0.0.0.0/0 > 0.0.0.0/0 state NEW tcp flags:!0x16/0x02 > 0 0 common ah -- * * 0.0.0.0/0 > 0.0.0.0/0 > 0 0 LOG ah -- * * 0.0.0.0/0 > 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:net2all:DROP:' > 0 0 DROP ah -- * * 0.0.0.0/0 > 0.0.0.0/0 > > Chain newnotsyn (5 references) > pkts bytes target prot opt in out source > destination > 0 0 DROP ah -- * * 0.0.0.0/0 > 0.0.0.0/0 > > Chain reject (6 references) > pkts bytes target prot opt in out source > destination > 0 0 REJECT tcp -- * * 0.0.0.0/0 > 0.0.0.0/0 reject-with tcp-reset > 0 0 REJECT ah -- * * 0.0.0.0/0 > 0.0.0.0/0 reject-with icmp-port-unreachable > > Chain rfc1918 (2 references) > pkts bytes target prot opt in out source > destination > 0 0 RETURN ah -- * * 255.255.255.255 > 0.0.0.0/0 > 0 0 DROP ah -- * * 169.254.0.0/16 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 172.16.0.0/12 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 192.0.2.0/24 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 192.168.0.0/16 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 0.0.0.0/7 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 2.0.0.0/8 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 5.0.0.0/8 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 7.0.0.0/8 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 10.0.0.0/8 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 23.0.0.0/8 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 27.0.0.0/8 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 31.0.0.0/8 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 36.0.0.0/7 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 39.0.0.0/8 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 41.0.0.0/8 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 42.0.0.0/8 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 58.0.0.0/7 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 60.0.0.0/8 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 70.0.0.0/7 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 72.0.0.0/5 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 82.0.0.0/7 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 84.0.0.0/6 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 88.0.0.0/5 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 96.0.0.0/3 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 127.0.0.0/8 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 197.0.0.0/8 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 222.0.0.0/7 > 0.0.0.0/0 > 0 0 logdrop ah -- * * 240.0.0.0/4 > 0.0.0.0/0 > > Chain shorewall (0 references) > pkts bytes target prot opt in out source > destination > > > > One thought ... are the workstations relying on the external DNS > > servers, > > or do you have a DNS forwarder running on the LAN (ehtier on the > > router or > > a separate workstation)? In either case, how are you telling the > > workstations what DNS servers to use? > I added my DNS servers to the default values that are in /etc/resolv.conf > I have no other references to DNS servers. Are there other places it > needs to be configured? > > I hope I have given enough info this time to help you assist me. My > deepest gratitude for your patience and willingness to assist me. > > PS. I just noticed as I went through the diagnostic info that my output > from ip addr show lists my eth0 as having a netmask length of 24. > Shouldn't it be 16? What config file needs to be changed? > My etc/network/interfaces file is as follows > > auto eth0 > iface eth0 inet static > address 66.202.48.231 > masklen 16 > broadcast 66.202.255.255 > gateway 66.202.48.1 > > . > > > ------------------------------------------------------- > This SF.NET email is sponsored by: > SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! > http://www.vasoftware.com > ------------------------------------------------------------------------ > leaf-user mailing list: [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user > SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html ------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html