Re: [leaf-user] interal network card not responding properly

ray Tue, 07 Feb 2006 14:40:07 -0800

Eric,

Thank you very much for your help. I was able to get the DHCPworking by plugging the eth1 cable into the "other" ports. so now thenext step i need to do is get a computer with a static IP to work.because the enviroment that i have is going to have 2 comptuers behindthis firewall. One will have the DHCP (which works now) and the othercomptuer has a static IP. now for the static IP do i need to haveanother network card, ie. eth2, or can i configure eth1 to allow thestatic ip access. I tried using the static IP computer on the currentconfiguation but that did not work. I also tried adding the IP to thehost.allowed file but that did not work either. Can you please give mesome insight on how i might go about doing this?


thanks
-Ray


Eric Spakman wrote:

Hello Ray,

The uplink port is probably a "crosslink" port and the plug in the wall
has some sort of switch or hub behind it (at the ISP side). If you connect
the hub to the plug in the wall it's a hub-hub or hub-switch connection
and you need a "crosscable" or uplink port for it. If you connect a router
to a switch or hub, you need a "straight" cable (just like a PC connected
to a hub). The firewall/router with a crosscable connected to the uplink
port will probably also work.

Eric

Eric,
Thank you for your quick response.  The reason i suggested that eth1
needed to be plugged into the "uplink" port is because if i totaly bypass
teh firewall and plug straight from the wall to the hub, i have to use the
uplink port.  If i use any other port then my network will not work at
all.  but i will try your suggestion and see what happens. I have 2
computers here, one using DHCP and one with a static IP.  so ill give that
a shot and see if i get anything on either of those computers.

Thanks
-Ray


Eric Spakman wrote:

Hello Ray,


I don't think eth1 "is supposed to be plugged" in the uplink port. Most
hubs have an "uplink" port that is used to connect multiple hubs with
eachother. You could try with a crosslink UTP cable, but I would
suggest to just use one of the "other" ports for eth1 and connect the
clients to the remaining ports.

The output of the various logs look ok to me, the interfaces are
brought up and have an ip-address.

Eric

Hello,
right now im just trying to get a a simple setup going, then build on
that. I have my 2 network cards in there, the drivers are loaded
successfully, and i was able to verify they both worked.  I did this
by trying them both out as eth0, and I was able to successly ping the
firewall from another computer as well as ping from the firewall to
an outside location with each network card.  now the problem that I am
having is that for some reason my internal network card, eth1, is not
sending out any traffic like it is supposed to be.  to be more
specific no traffic is being sent at all. I have a hub setup and this
is what im experiencing with that.

1.  When i plug eth1 into the uplink port like it is supposed to be,
the port light is off and there is no traffic on that port.  all
network card lights are off.

2.  When i plug eth1 into any of the other ports that the receving
computers are suppoed to plug into, the port lights up and the lights
on the network card itself start flashing like there is traffic going
on.

it almost seems as if eth1 is acting like a reciever, instead of
distributing IP's like it is supposed to.  can anyone please help me
out with this problem.  ive spent the past few days on this and i
really need to get this figured out.  I will post the output to some
commands below.

Thanks
-Ray




UNAME
Linux firewall 2.4.20 #1 Sun May 11 18:53:34 CEST 2003 i686 unknown



ADDR SHOW
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8
brd 127.255.255.255 scope host lo
2: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff 3: eth0:
<BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:10:5a:18:ff:c3 brd ff:ff:ff:ff:ff:ff inet
138.23.75.45/24 brd
138.23.75.255 scope global eth0
4: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:a0:cc:67:d6:2d brd ff:ff:ff:ff:ff:ff inet 192.168.1.1/24
brd 192.168.1.255 scope global eth1



SHOW ROUTE
192.168.1.0/24 dev eth1  proto kernel  scope link  src 192.168.1.1
138.23.75.0/24 dev eth0  proto kernel  scope link  src 138.23.75.45
default via 138.23.75.1 dev eth0

MESSAGE LOG
Feb  7 11:51:09 firewall syslogd 1.3-3#31.slink1: restart.
Feb  7 11:51:09 firewall kernel: klogd 1.3-3#31.slink1, log source =
/proc/kmsg started.
Feb  7 11:51:09 firewall kernel: No module symbols loaded.
Feb  7 11:51:09 firewall kernel: BIOS-provided physical RAM map:
Feb  7 11:51:09 firewall kernel: 128MB LOWMEM available.
Feb  7 11:51:09 firewall kernel: Initializing CPU#0
Feb  7 11:51:09 firewall kernel: Memory: 127360k/131072k available
(948k
kernel code, 3312k reserved, -1176k data, 64k init, 0k highmem) Feb  7
11:51:09 firewall kernel: Dentry cache hash table entries: 16384
(order: 5, 131072 bytes)
Feb  7 11:51:09 firewall kernel: Inode cache hash table entries: 8192
(order: 4, 65536 bytes)
Feb  7 11:51:09 firewall kernel: CPU: L1 I cache: 16K, L1 D cache: 16K
Feb  7 11:51:09 firewall kernel: CPU: L2 cache: 512K
Feb  7 11:51:09 firewall kernel: Enabling fast FPU save and restore...
done. Feb  7 11:51:09 firewall kernel: Checking 'hlt' instruction...
OK.
Feb  7 11:51:09 firewall kernel: PCI: PCI BIOS revision 2.10 entry at
0xfd9a3, last bus=1
Feb  7 11:51:09 firewall kernel: PCI: Using configuration type 1
Feb  7 11:51:09 firewall kernel: PCI: Probing PCI hardware
Feb  7 11:51:09 firewall kernel: PCI: Using IRQ router PIIX
[8086/7110]
at 00:07.0 Feb  7 11:51:09 firewall kernel: Limiting direct PCI/PCI
transfers. Feb  7 11:51:09 firewall kernel: Linux NET4.0 for Linux
2.4
Feb  7 11:51:09 firewall kernel: Based upon Swansea University
Computer
Society NET3.039
Feb  7 11:51:09 firewall kernel: Serial driver version 5.05c
(2001-07-08) with MANY_PORTS SHARE_IRQ DETECT_IRQ SERIAL_PCI enabled
Feb  7 11:51:09 firewall kernel: ttyS00 at 0x03f8 (irq = 4) is a
16550A
Feb  7 11:51:09 firewall kernel: ttyS01 at 0x02f8 (irq = 3) is a
16550A
Feb  7 11:51:09 firewall kernel: Real Time Clock Driver v1.10e
Feb  7 11:51:09 firewall kernel: Software Watchdog Timer: 0.05, timer
margin: 60 sec
Feb  7 11:51:09 firewall kernel: Floppy drive(s): fd0 is 1.44M
Feb  7 11:51:09 firewall kernel: FDC 0 is a post-1991 82077
Feb  7 11:51:09 firewall kernel: NET4: Linux TCP/IP 1.0 for NET4.0
Feb  7 11:51:09 firewall kernel: IP Protocols: ICMP, UDP, TCP, IGMP
Feb  7 11:51:09 firewall kernel: IP: routing cache hash table of 1024
buckets, 8Kbytes Feb  7 11:51:09 firewall kernel: TCP: Hash tables
configured (established 8192 bind 8192) Feb  7 11:51:09 firewall
kernel: NET4: Unix domain sockets 1.0/SMP for
Linux NET4.0.
Feb  7 11:51:09 firewall kernel: RAMDISK: Compressed image found at
block 0
Feb  7 11:51:09 firewall kernel: Freeing initrd memory: 401k freed
Feb  7 11:51:09 firewall kernel: Freeing unused kernel memory: 64k
freed Feb  7 11:51:09 firewall kernel: pci-scan.c:v1.11 8/31/2002
Donald
Becker <[EMAIL PROTECTED]> http://www.scyld.com/linux/drivers.html
Feb  7 11:51:09 firewall kernel: 3c59x.c:v0.99Xf 11/17/2002 Donald
Becker, [EMAIL PROTECTED]
Feb  7 11:51:09 firewall kernel:
http://www.scyld.com/network/vortex.html
Feb  7 11:51:09 firewall kernel: eth0: 3Com 3c905B Cyclone 100baseTx
at 0x1400,  00:10:5a:18:ff:c3, IRQ 9
Feb  7 11:51:09 firewall kernel:   8K buffer 5:3 Rx:Tx split,
autoselect/Autonegotiate interface. Feb  7 11:51:09 firewall kernel:
MII
transceiver found at address 24, status 786d. Feb  7 11:51:09 firewall
kernel:   MII transceiver found at address 0,
status 786d. Feb  7 11:51:09 firewall kernel:   Using bus-master
transmits and whole-frame receives. Feb  7 11:51:09 firewall kernel:
tulip.c:v0.95f
11/17/2002  Written by
Donald Becker <[EMAIL PROTECTED]>
Feb  7 11:51:09 firewall kernel:
http://www.scyld.com/network/tulip.html
Feb  7 11:51:09 firewall kernel: eth1: Lite-On LC82C115 PNIC-II rev 37
at 0xc8823400, 00:A0:CC:67:D6:2D, IRQ 9. Feb  7 11:51:13 firewall
root:
Shorewall Started
Feb  7 11:53:38 firewall root: Shorewall Restarted
Feb  7 11:56:32 firewall root: Shorewall Restarted
Feb  7 11:56:49 firewall root: Shorewall Restarted
Feb  7 12:01:32 firewall root: Shorewall Restarted



IP tables (Masquerade)
Chain PREROUTING (policy ACCEPT 2474 packets, 279K bytes)
pkts bytes target     prot opt in     out     source destination

Chain POSTROUTING (policy ACCEPT 35 packets, 2500 bytes)
pkts bytes target     prot opt in     out     source destination 10
752
eth0_masq  all  --  *      eth0    0.0.0.0/0 0.0.0.0/0


Chain OUTPUT (policy ACCEPT 192 packets, 11920 bytes)
pkts bytes target     prot opt in     out     source destination

Chain eth0_masq (1 references)
pkts bytes target     prot opt in     out     source destination 0
0
MASQUERADE  all  --  *      *       192.168.1.0/24
0.0.0.0/0




SHOREWALL STATUS
[H[JShorewall-1.4.2 Status at firewall - Tue Feb  7 12:15:09 UTC
2006



Counters reset Tue Feb  7 12:01:32 UTC 2006



Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target     prot opt in     out     source destination 0
0
DROP      !icmp --  *      *       0.0.0.0/0
0.0.0.0/0          state INVALID
4   336 ACCEPT     all  --  lo     *       0.0.0.0/0
0.0.0.0/0
37  5033 eth0_in    all  --  eth0   *       0.0.0.0/0
0.0.0.0/0
0     0 eth1_in    all  --  eth1   *       0.0.0.0/0 0.0.0.0/0 0     0
common     all  --  *      *       0.0.0.0/0 0.0.0.0/0 0     0 ULOG
all  --  *      *       0.0.0.0/0 0.0.0.0/0 ULOG copy_range 0 nlgroup
1 prefix
`Shorewall:INPUT:REJECT:' queue_threshold 1
0     0 reject     all  --  *      *       0.0.0.0/0 0.0.0.0/0


Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target     prot opt in     out     source destination 0
0
DROP      !icmp --  *      *       0.0.0.0/0
0.0.0.0/0          state INVALID
0     0 eth0_fwd   all  --  eth0   *       0.0.0.0/0 0.0.0.0/0 0     0
eth1_fwd   all  --  eth1   *       0.0.0.0/0 0.0.0.0/0 0     0 common
all  --  *      *       0.0.0.0/0 0.0.0.0/0 0     0 ULOG       all  --
*      *       0.0.0.0/0 0.0.0.0/0
ULOG copy_range 0 nlgroup 1 prefix
`Shorewall:FORWARD:REJECT:' queue_threshold 1
0     0 reject     all  --  *      *       0.0.0.0/0 0.0.0.0/0


Chain OUTPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target     prot opt in     out     source destination 0
0
DROP      !icmp --  *      *       0.0.0.0/0
0.0.0.0/0          state INVALID
4   336 ACCEPT     all  --  *      lo      0.0.0.0/0
0.0.0.0/0
10   752 fw2net     all  --  *      eth0    0.0.0.0/0
0.0.0.0/0
0     0 fw2loc     all  --  *      eth1    0.0.0.0/0 0.0.0.0/0 0     0
common     all  --  *      *       0.0.0.0/0 0.0.0.0/0 0     0 ULOG
all  --  *      *       0.0.0.0/0 0.0.0.0/0 ULOG copy_range 0 nlgroup
1 prefix
`Shorewall:OUTPUT:REJECT:' queue_threshold 1
0     0 reject     all  --  *      *       0.0.0.0/0 0.0.0.0/0


Chain all2all (3 references)
pkts bytes target     prot opt in     out     source destination 0
0
ACCEPT     all  --  *      *       0.0.0.0/0
0.0.0.0/0          state RELATED,ESTABLISHED
0     0 newnotsyn  tcp  --  *      *       0.0.0.0/0 0.0.0.0/0 state
NEW tcp flags:!0x16/0x02 0     0 common     all  --  *      *
0.0.0.0/0
0.0.0.0/0
0     0 ULOG       all  --  *      *       0.0.0.0/0 0.0.0.0/0 ULOG
copy_range 0 nlgroup 1 prefix `Shorewall:all2all:REJECT:'
queue_threshold 1 0     0 reject     all  --  *      *       0.0.0.0/0
0.0.0.0/0



Chain common (5 references)
pkts bytes target     prot opt in     out     source destination 0
0
icmpdef    icmp --  *      *       0.0.0.0/0 0.0.0.0/0 18  1883 reject
udp  --  *      *       0.0.0.0/0 0.0.0.0/0          udp dpts:137:139
0     0 reject     udp  --  *      *       0.0.0.0/0 0.0.0.0/0
udp
dpt:445
0     0 reject     tcp  --  *      *       0.0.0.0/0 0.0.0.0/0
tcp
dpt:139
0     0 reject     tcp  --  *      *       0.0.0.0/0 0.0.0.0/0
tcp
dpt:445
0     0 reject     tcp  --  *      *       0.0.0.0/0 0.0.0.0/0
tcp
dpt:135
0     0 DROP       udp  --  *      *       0.0.0.0/0 0.0.0.0/0
udp
dpt:1900
9  1562 DROP       all  --  *      *       0.0.0.0/0
255.255.255.255
0     0 DROP       all  --  *      *       0.0.0.0/0 224.0.0.0/4 0
0 reject     tcp  --  *      *       0.0.0.0/0 0.0.0.0/0          tcp
dpt:113
0     0 DROP       udp  --  *      *       0.0.0.0/0 0.0.0.0/0
udp
spt:53 state NEW
0     0 DROP       all  --  *      *       0.0.0.0/0 138.23.75.255 0
0 DROP       all  --  *      *       0.0.0.0/0 192.168.1.255


Chain dynamic (4 references)
pkts bytes target     prot opt in     out     source destination

Chain eth0_fwd (1 references)
pkts bytes target     prot opt in     out     source destination 0
0
dynamic    all  --  *      *       0.0.0.0/0 0.0.0.0/0 0     0 rfc1918
all  --  *      *       0.0.0.0/0 0.0.0.0/0 state NEW 0     0 net2all
all  --  *      eth1    0.0.0.0/0 0.0.0.0/0


Chain eth0_in (1 references)
pkts bytes target     prot opt in     out     source destination 37
5033
dynamic    all  --  *      *       0.0.0.0/0 0.0.0.0/0 27  3445 rfc1918
all  --  *      *       0.0.0.0/0 0.0.0.0/0          state NEW
37  5033 net2fw     all  --  *      *       0.0.0.0/0
0.0.0.0/0



Chain eth1_fwd (1 references)
pkts bytes target     prot opt in     out     source destination 0
0
dynamic    all  --  *      *       0.0.0.0/0 0.0.0.0/0 0     0 loc2net
all  --  *      eth0    0.0.0.0/0 0.0.0.0/0


Chain eth1_in (1 references)
pkts bytes target     prot opt in     out     source destination 0
0
dynamic    all  --  *      *       0.0.0.0/0 0.0.0.0/0 0     0 loc2fw
all  --  *      *       0.0.0.0/0 0.0.0.0/0


Chain fw2loc (1 references)
pkts bytes target     prot opt in     out     source destination 0
0
ACCEPT     all  --  *      *       0.0.0.0/0
0.0.0.0/0          state RELATED,ESTABLISHED
0     0 newnotsyn  tcp  --  *      *       0.0.0.0/0 0.0.0.0/0 state
NEW tcp flags:!0x16/0x02 0     0 ACCEPT     icmp --  *      *
0.0.0.0/0
0.0.0.0/0          icmp type 8
0     0 all2all    all  --  *      *       0.0.0.0/0 0.0.0.0/0


Chain fw2net (1 references)
pkts bytes target     prot opt in     out     source destination 0
0
ACCEPT     all  --  *      *       0.0.0.0/0
0.0.0.0/0          state RELATED,ESTABLISHED
0     0 newnotsyn  tcp  --  *      *       0.0.0.0/0 0.0.0.0/0 state
NEW tcp flags:!0x16/0x02 0     0 ACCEPT     tcp  --  *      *
0.0.0.0/0
0.0.0.0/0          state NEW tcp dpt:53
4   248 ACCEPT     udp  --  *      *       0.0.0.0/0
0.0.0.0/0          state NEW udp dpt:53
6   504 ACCEPT     icmp --  *      *       0.0.0.0/0
0.0.0.0/0          icmp type 8
0     0 all2all    all  --  *      *       0.0.0.0/0 0.0.0.0/0


Chain icmpdef (1 references)
pkts bytes target     prot opt in     out     source destination

Chain loc2fw (1 references)
pkts bytes target     prot opt in     out     source destination 0
0
ACCEPT     all  --  *      *       0.0.0.0/0
0.0.0.0/0          state RELATED,ESTABLISHED
0     0 newnotsyn  tcp  --  *      *       0.0.0.0/0 0.0.0.0/0 state
NEW tcp flags:!0x16/0x02 0     0 ACCEPT     tcp  --  *      *
0.0.0.0/0
0.0.0.0/0          state NEW tcp dpt:22
0     0 ACCEPT     icmp --  *      *       0.0.0.0/0 0.0.0.0/0 icmp
type 8 0     0 ACCEPT     udp  --  *      *       0.0.0.0/0 0.0.0.0/0
state NEW udp dpt:53 0     0 ACCEPT     tcp  --  *      *
0.0.0.0/0
0.0.0.0/0          state NEW tcp dpt:80
0     0 all2all    all  --  *      *       0.0.0.0/0 0.0.0.0/0


Chain loc2net (1 references)
pkts bytes target     prot opt in     out     source destination 0
0
ACCEPT     all  --  *      *       0.0.0.0/0
0.0.0.0/0          state RELATED,ESTABLISHED
0     0 newnotsyn  tcp  --  *      *       0.0.0.0/0 0.0.0.0/0 state
NEW tcp flags:!0x16/0x02 0     0 ACCEPT     all  --  *      *
0.0.0.0/0
0.0.0.0/0



Chain logdrop (30 references)
pkts bytes target     prot opt in     out     source destination 0
0
ULOG       all  --  *      *       0.0.0.0/0
0.0.0.0/0          ULOG copy_range 0 nlgroup 1 prefix
`Shorewall:rfc1918:DROP:' queue_threshold 1
0     0 DROP       all  --  *      *       0.0.0.0/0 0.0.0.0/0


Chain net2all (2 references)
pkts bytes target     prot opt in     out     source destination 0
0
ACCEPT     all  --  *      *       0.0.0.0/0
0.0.0.0/0          state RELATED,ESTABLISHED
0     0 newnotsyn  tcp  --  *      *       0.0.0.0/0 0.0.0.0/0 state
NEW tcp flags:!0x16/0x02 27  3445 common     all  --  *      *
0.0.0.0/0
0.0.0.0/0
0     0 ULOG       all  --  *      *       0.0.0.0/0 0.0.0.0/0 ULOG
copy_range 0 nlgroup 1 prefix `Shorewall:net2all:DROP:'
queue_threshold 1 0     0 DROP       all  --  *      *       0.0.0.0/0
0.0.0.0/0



Chain net2fw (1 references)
pkts bytes target     prot opt in     out     source destination 10
1588
ACCEPT     all  --  *      *       0.0.0.0/0
0.0.0.0/0          state RELATED,ESTABLISHED
0     0 newnotsyn  tcp  --  *      *       0.0.0.0/0 0.0.0.0/0 state
NEW tcp flags:!0x16/0x02 0     0 ACCEPT     icmp --  *      *
0.0.0.0/0
0.0.0.0/0          icmp type 8
27  3445 net2all    all  --  *      *       0.0.0.0/0
0.0.0.0/0



Chain newnotsyn (7 references)
pkts bytes target     prot opt in     out     source destination 0
0
DROP       all  --  *      *       0.0.0.0/0
0.0.0.0/0



Chain reject (10 references)
pkts bytes target     prot opt in     out     source destination 0
0
REJECT     tcp  --  *      *       0.0.0.0/0
0.0.0.0/0          reject-with tcp-reset
18  1883 REJECT     all  --  *      *       0.0.0.0/0
0.0.0.0/0          reject-with icmp-port-unreachable



Chain rfc1918 (2 references)
pkts bytes target     prot opt in     out     source destination 0
0
RETURN     all  --  *      *       255.255.255.255
0.0.0.0/0
0     0 RETURN     all  --  *      *       169.254.0.0/16 0.0.0.0/0 0
0 logdrop    all  --  *      *       172.16.0.0/12 0.0.0.0/0 0     0
logdrop    all  --  *      *       192.0.2.0/24 0.0.0.0/0 0     0
logdrop    all  --  *      *       192.168.0.0/16 0.0.0.0/0 0     0
logdrop    all  --  *      *       0.0.0.0/7 0.0.0.0/0 0     0 logdrop
all  --  *      *       2.0.0.0/8 0.0.0.0/0 0     0 logdrop    all  --
*      *       5.0.0.0/8 0.0.0.0/0
0     0 logdrop    all  --  *      *       7.0.0.0/8 0.0.0.0/0 0     0
logdrop    all  --  *      *       10.0.0.0/8 0.0.0.0/0 0     0
logdrop    all  --  *      *       23.0.0.0/8 0.0.0.0/0 0     0
logdrop    all  --  *      *       27.0.0.0/8 0.0.0.0/0 0     0
logdrop    all  --  *      *       31.0.0.0/8 0.0.0.0/0 0     0
logdrop    all  --  *      *       36.0.0.0/7 0.0.0.0/0 0     0
logdrop    all  --  *      *       39.0.0.0/8 0.0.0.0/0 0     0
logdrop    all  --  *      *       41.0.0.0/8 0.0.0.0/0 0     0
logdrop    all  --  *      *       42.0.0.0/8 0.0.0.0/0 0     0
logdrop    all  --  *      *       49.0.0.0/8 0.0.0.0/0 0     0
logdrop    all  --  *      *       50.0.0.0/8 0.0.0.0/0 0     0
logdrop    all  --  *      *       58.0.0.0/7 0.0.0.0/0 0     0
logdrop    all  --  *      *       60.0.0.0/8 0.0.0.0/0 0     0
logdrop    all  --  *      *       70.0.0.0/7 0.0.0.0/0 0     0
logdrop    all  --  *      *       72.0.0.0/5 0.0.0.0/0 0     0
logdrop    all  --  *      *       83.0.0.0/8 0.0.0.0/0 0     0
logdrop    all  --  *      *       84.0.0.0/6 0.0.0.0/0 0     0
logdrop    all  --  *      *       88.0.0.0/5 0.0.0.0/0 0     0
logdrop    all  --  *      *       96.0.0.0/3 0.0.0.0/0 0     0
logdrop    all  --  *      *       127.0.0.0/8 0.0.0.0/0 0     0
logdrop    all  --  *      *       197.0.0.0/8 0.0.0.0/0 0     0
logdrop    all  --  *      *       198.18.0.0/15 0.0.0.0/0 0     0
logdrop    all  --  *      *       201.0.0.0/8 0.0.0.0/0 0     0
logdrop    all  --  *      *       240.0.0.0/4 0.0.0.0/0


Chain shorewall (0 references)
pkts bytes target     prot opt in     out     source destination

Feb  7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=198.41.0.10 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=59066 DF PROTO=UDP
SPT=3420 DPT=53 LEN=40
Feb  7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=198.32.64.12 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=38406 DF PROTO=UDP
SPT=7976 DPT=53 LEN=40
Feb  7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=192.5.5.241 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=34255 DF PROTO=UDP
SPT=25596 DPT=53 LEN=40
Feb  7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=202.12.27.33 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=45206 DF PROTO=UDP
SPT=30963 DPT=53 LEN=40
Feb  7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=192.36.148.17 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=59483 DF PROTO=UDP
SPT=18464 DPT=53 LEN=40
Feb  7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=128.8.10.90 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=52124 DF PROTO=UDP
SPT=43443 DPT=53 LEN=40
Feb  7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=128.63.2.53 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=45648 DF PROTO=UDP
SPT=18455 DPT=53 LEN=40
Feb  7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=192.112.36.4 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=40862 DF PROTO=UDP
SPT=14202 DPT=53 LEN=40
Feb  7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=193.0.14.129 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=40873 DF PROTO=UDP
SPT=43008 DPT=53 LEN=40
Feb  7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=192.203.230.10 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=59630 DF
PROTO=UDP
SPT=23530 DPT=53 LEN=40
Feb  7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=198.41.0.4 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=60153 DF PROTO=UDP
SPT=4116 DPT=53 LEN=40
Feb  7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=192.33.4.12 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=35480 DF PROTO=UDP
SPT=15657 DPT=53 LEN=40
Feb  7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=128.9.0.107 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=34144 DF PROTO=UDP
SPT=3918 DPT=53 LEN=40
Feb  7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=198.41.0.10 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=41108 DF PROTO=UDP
SPT=47595 DPT=53 LEN=40
Feb  7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=198.32.64.12 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=57489 DF PROTO=UDP
SPT=21574 DPT=53 LEN=40
Feb  7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=192.5.5.241 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=60928 DF PROTO=UDP
SPT=64252 DPT=53 LEN=40
Feb  7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=202.12.27.33 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=33183 DF PROTO=UDP
SPT=61832 DPT=53 LEN=40
Feb  7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=192.36.148.17 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=48678 DF PROTO=UDP
SPT=56654 DPT=53 LEN=40
Feb  7 11:52:34 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=128.8.10.90 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=43963 DF PROTO=UDP
SPT=15315 DPT=53 LEN=40
Feb  7 11:52:44 all2all:REJECT: IN= OUT=eth0 SRC=138.23.75.45
DST=128.63.2.53 LEN=60 TOS=00 PREC=0x00 TTL=64 ID=53460 DF PROTO=UDP
SPT=24344 DPT=53 LEN=40



NAT Table



Chain PREROUTING (policy ACCEPT 2474 packets, 279K bytes)
pkts bytes target     prot opt in     out     source destination

Chain POSTROUTING (policy ACCEPT 35 packets, 2500 bytes)
pkts bytes target     prot opt in     out     source destination 10
752
eth0_masq  all  --  *      eth0    0.0.0.0/0 0.0.0.0/0


Chain OUTPUT (policy ACCEPT 192 packets, 11920 bytes)
pkts bytes target     prot opt in     out     source destination

Chain eth0_masq (1 references)
pkts bytes target     prot opt in     out     source destination 0
0
MASQUERADE  all  --  *      *       192.168.1.0/24
0.0.0.0/0



Mangle Table



Chain PREROUTING (policy ACCEPT 2682 packets, 300K bytes)
pkts bytes target     prot opt in     out     source destination 402
43682
man1918    all  --  eth0   *       0.0.0.0/0 0.0.0.0/0          state
NEW
414 45293 pretos     all  --  *      *       0.0.0.0/0
0.0.0.0/0



Chain INPUT (policy ACCEPT 351 packets, 38485 bytes)
pkts bytes target     prot opt in     out     source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target     prot opt in     out     source destination

Chain OUTPUT (policy ACCEPT 365 packets, 27096 bytes)
pkts bytes target     prot opt in     out     source destination 14
1088
outtos     all  --  *      *       0.0.0.0/0 0.0.0.0/0


Chain POSTROUTING (policy ACCEPT 208 packets, 17676 bytes)
pkts bytes target     prot opt in     out     source destination

Chain logdrop (30 references)
pkts bytes target     prot opt in     out     source destination 0
0
ULOG       all  --  *      *       0.0.0.0/0
0.0.0.0/0          ULOG copy_range 0 nlgroup 1 prefix
`Shorewall:man1918:DROP:' queue_threshold 1
0     0 DROP       all  --  *      *       0.0.0.0/0 0.0.0.0/0


Chain man1918 (1 references)
pkts bytes target     prot opt in     out     source destination 9
1562
RETURN     all  --  *      *       0.0.0.0/0
255.255.255.255
0     0 RETURN     all  --  *      *       0.0.0.0/0 169.254.0.0/16 0
0 logdrop    all  --  *      *       0.0.0.0/0 172.16.0.0/12 0     0
logdrop    all  --  *      *       0.0.0.0/0 192.0.2.0/24 0     0
logdrop    all  --  *      *       0.0.0.0/0 192.168.0.0/16 0     0
logdrop    all  --  *      *       0.0.0.0/0 0.0.0.0/7 0     0 logdrop
all  --  *      *       0.0.0.0/0 2.0.0.0/8 0     0 logdrop    all  --
*      *       0.0.0.0/0 5.0.0.0/8
0     0 logdrop    all  --  *      *       0.0.0.0/0 7.0.0.0/8 0     0
logdrop    all  --  *      *       0.0.0.0/0 10.0.0.0/8 0     0
logdrop    all  --  *      *       0.0.0.0/0 23.0.0.0/8 0     0
logdrop    all  --  *      *       0.0.0.0/0 27.0.0.0/8 0     0
logdrop    all  --  *      *       0.0.0.0/0 31.0.0.0/8 0     0
logdrop    all  --  *      *       0.0.0.0/0 36.0.0.0/7 0     0
logdrop    all  --  *      *       0.0.0.0/0 39.0.0.0/8 0     0
logdrop    all  --  *      *       0.0.0.0/0 41.0.0.0/8 0     0
logdrop    all  --  *      *       0.0.0.0/0 42.0.0.0/8 0     0
logdrop    all  --  *      *       0.0.0.0/0 49.0.0.0/8 0     0
logdrop    all  --  *      *       0.0.0.0/0 50.0.0.0/8 0     0
logdrop    all  --  *      *       0.0.0.0/0 58.0.0.0/7 0     0
logdrop    all  --  *      *       0.0.0.0/0 60.0.0.0/8 0     0
logdrop    all  --  *      *       0.0.0.0/0 70.0.0.0/7 0     0
logdrop    all  --  *      *       0.0.0.0/0 72.0.0.0/5 0     0
logdrop    all  --  *      *       0.0.0.0/0 83.0.0.0/8 0     0
logdrop    all  --  *      *       0.0.0.0/0 84.0.0.0/6 0     0
logdrop    all  --  *      *       0.0.0.0/0 88.0.0.0/5 0     0
logdrop    all  --  *      *       0.0.0.0/0 96.0.0.0/3 0     0
logdrop    all  --  *      *       0.0.0.0/0 127.0.0.0/8 0     0
logdrop    all  --  *      *       0.0.0.0/0 197.0.0.0/8 0     0
logdrop    all  --  *      *       0.0.0.0/0 198.18.0.0/15 0     0
logdrop    all  --  *      *       0.0.0.0/0 201.0.0.0/8 0     0
logdrop    all  --  *      *       0.0.0.0/0 240.0.0.0/4


Chain outtos (1 references)
pkts bytes target     prot opt in     out     source destination 0
0

TOS

tcp  --  *      *       0.0.0.0/0 0.0.0.0/0          tcp dpt:22 TOS
set 0x10
0     0 TOS        tcp  --  *      *       0.0.0.0/0 0.0.0.0/0
tcp
spt:22 TOS set 0x10
0     0 TOS        tcp  --  *      *       0.0.0.0/0 0.0.0.0/0
tcp
dpt:21 TOS set 0x10
0     0 TOS        tcp  --  *      *       0.0.0.0/0 0.0.0.0/0
tcp
spt:21 TOS set 0x10
0     0 TOS        tcp  --  *      *       0.0.0.0/0 0.0.0.0/0
tcp
spt:20 TOS set 0x08
0     0 TOS        tcp  --  *      *       0.0.0.0/0 0.0.0.0/0
tcp
dpt:20 TOS set 0x08



Chain pretos (1 references)
pkts bytes target     prot opt in     out     source destination 0
0

TOS

tcp  --  *      *       0.0.0.0/0 0.0.0.0/0          tcp dpt:22 TOS
set 0x10
0     0 TOS        tcp  --  *      *       0.0.0.0/0 0.0.0.0/0
tcp
spt:22 TOS set 0x10
0     0 TOS        tcp  --  *      *       0.0.0.0/0 0.0.0.0/0
tcp
dpt:21 TOS set 0x10
0     0 TOS        tcp  --  *      *       0.0.0.0/0 0.0.0.0/0
tcp
spt:21 TOS set 0x10
0     0 TOS        tcp  --  *      *       0.0.0.0/0 0.0.0.0/0
tcp
spt:20 TOS set 0x08
0     0 TOS        tcp  --  *      *       0.0.0.0/0 0.0.0.0/0
tcp
dpt:20 TOS set 0x08








-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log
files for problems?  Stop!  Download the new AJAX search engine that
makes searching your log files as easy as surfing the  web.  DOWNLOAD
SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=1216
42
----------------------------------------------------------------------
--
leaf-user mailing list: [email protected]
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/



-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log
files for problems?  Stop!  Download the new AJAX search engine that
makes searching your log files as easy as surfing the  web.  DOWNLOAD
SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642

-----------------------------------------------------------------------
-
leaf-user mailing list: [email protected]
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/


-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log
files for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
------------------------------------------------------------------------
leaf-user mailing list: [email protected]
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/





-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
------------------------------------------------------------------------
leaf-user mailing list: [email protected]
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/




-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
------------------------------------------------------------------------
leaf-user mailing list: [email protected]
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] interal network card not responding properly

Reply via email to