Chris Low wrote:
OK, your troubles are beginning to make sense. Your ISP is assigning you a private IP that just happens to be within the range of IP's used by default on Dachstein's internal network. As Ray has mentioned, this will cause all sorts of problems with everything from low-level routing table issues to overlapping firewall rules.Ray, thanks for working with me on this.Chris -- Your routing table is sufficiently a mess that your problems are probably a by-product of that.I'm not even sure how to edit the routing table. The only thing I did was th initial configuration (load the rtl8139 modules for my NICs, set the MAX_LOOP setting to 2, named the firewall, changed $HOSTNAME.private.network to $HOSTNAME.esimail.org, added a password, and setup sshd, saved it all and rebooted. I've tried various other things in the past, but none of it worked so I reimaged my boot floppy and started over from scratch.
You have both interfaces (eth0 and eth1) on the same /24 network (192.168.1.0/24):I think because dhcp is handled by the ISP's router and is assigning them both. What can I do about this?
What you need to do is get your internal network and external network into two seperate, non-overlapping IP ranges. Since it's probably unlikely you can get your ISP to change your upstream network (unless the router they gave you is playing firewall/masquerading box, in which case it might be possible to change the IP range, or even put the router into transparent or bridging mode, allowing your Dachstein box to do the masquerading and giving you a public IP in the process...we'll need to know lots more details about what sort of connection you have from the ISP and the hardware they gave you to help out with this one).
<whew> Anyway, to get up and running quickly, your best bet is to change the internal network on Dachstein, since you have full control over this. Start by editing /etc/network.conf, and change all 192.168.1.x numbers to something else (like 192.168.2.x). That (combined with the edits to /etc/ipfilter.conf to allow private IP's on the external interface, which you indicated you already did) should be enough to get the Dachstein box connected to your ISP.
Getting your internal workstations working properly will require several other changes, including (but probably not limited to...this is off the top of my head):
- Update /etc/dhcpd.conf with new network information
- Update dnscache configuration to allow queries from new network
- Update /etc/hosts.allow to enable access to weblet
That should get you started, and once you have the dhcpd.conf file changed, your internal workstations should be able to at least get an IP and ping (by address...name resolution won't work until dnscache is updated properly or you switch to using your ISP's name servers).
Look for other configuration files to change by grep-ing for the 192.168 range in etc:
grep 192.168.1 /etc/*
Once you get some sort of basic connectivity, e-mail any specific problems to the list, and we can get you up an running quickly.
--
Charles Steinkuehler
[EMAIL PROTECTED]
-------------------------------------------------------
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
