Hello,
Ok i successfully setup the firewall using DHCP. So my next step was to add
another NIC and use DMZ with a public static IP. The NIC that i added was the
same exact model as my eth0, which was a 3com so it uses the same driver.
After configuring shorewall to use eth2, when i start the firewall, or restart
it i get this weird error and shorewall shuts down:
RTNETLINK answers: Operation not supported by device
I cannot find anything about this problem through searching the web, so im kind
of stuck here. One thing that strkes me as odd that is on bootup it seems like
the comptuer is only assigning 2 IRQ's instead of 3
Feb 9 11:28:26 firewall kernel: ttyS00 at 0x03f8 (irq = 4) is a 16550A
Feb 9 11:28:26 firewall kernel: ttyS01 at 0x02f8 (irq = 3) is a 16550A
and when i do an lsmod i get this:
Module Pages Used by
ip_nat_irc 2176 0 (unused)
ip_nat_ftp 2784 0 (unused)
ip_conntrack_irc 2880 1
ip_conntrack_ftp 3648 1
tulip 33704 0 (unused)
3c59x 22540 2
pci-scan 3532 2 [tulip 3c59x]
so tulip driver is being used on my linksys card and was working fine before as
my eth1, but now after the addition of DMZ, the driver is not even being used.
but as you can see both of the 3com's are being detected.
can anyone please help me out with this problem, the time is ticking down on
when i need to get this finished so im kinda of stressing. Below is the output
of some basic commands.
Thanks alot!!
-Ray
---------------------------------
ip addr show
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
2: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
3: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:10:5a:18:ff:c3 brd ff:ff:ff:ff:ff:ff
inet 138.23.75.45/24 brd 138.23.75.255 scope global eth0
4: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:10:4b:6a:80:6d brd ff:ff:ff:ff:ff:ff
inet 192.168.1.1/24 brd 192.168.1.255 scope global eth1
5: eth2: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 100
link/ether 00:a0:cc:67:d6:2d brd ff:ff:ff:ff:ff:ff
-------------------------------------------
ip route show
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.1
138.23.75.0/24 dev eth0 proto kernel scope link src 138.23.75.45
default via 138.23.75.1 dev eth0
------------------------------------------
/var/messages
Feb 9 11:28:26 firewall syslogd 1.3-3#31.slink1: restart.
Feb 9 11:28:26 firewall kernel: klogd 1.3-3#31.slink1, log source = /proc/kmsg
started.
Feb 9 11:28:26 firewall kernel: No module symbols loaded.
Feb 9 11:28:26 firewall kernel: BIOS-provided physical RAM map:
Feb 9 11:28:26 firewall kernel: 128MB LOWMEM available.
Feb 9 11:28:26 firewall kernel: Initializing CPU#0
Feb 9 11:28:26 firewall kernel: Memory: 127360k/131072k available (948k kernel
code, 3312k reserved, -1176k data, 64k init, 0k highmem)
Feb 9 11:28:26 firewall kernel: Dentry cache hash table entries: 16384 (order:
5, 131072 bytes)
Feb 9 11:28:26 firewall kernel: Inode cache hash table entries: 8192 (order:
4, 65536 bytes)
Feb 9 11:28:26 firewall kernel: CPU: L1 I cache: 16K, L1 D cache: 16K
Feb 9 11:28:26 firewall kernel: CPU: L2 cache: 512K
Feb 9 11:28:26 firewall kernel: Enabling fast FPU save and restore... done.
Feb 9 11:28:26 firewall kernel: Checking 'hlt' instruction... OK.
Feb 9 11:28:26 firewall kernel: PCI: PCI BIOS revision 2.10 entry at 0xfd9a3,
last bus=1
Feb 9 11:28:26 firewall kernel: PCI: Using configuration type 1
Feb 9 11:28:26 firewall kernel: PCI: Probing PCI hardware
Feb 9 11:28:26 firewall kernel: PCI: Using IRQ router PIIX [8086/7110] at
00:07.0
Feb 9 11:28:26 firewall kernel: Limiting direct PCI/PCI transfers.
Feb 9 11:28:26 firewall kernel: Linux NET4.0 for Linux 2.4
Feb 9 11:28:26 firewall kernel: Based upon Swansea University Computer Society
NET3.039
Feb 9 11:28:26 firewall kernel: Serial driver version 5.05c (2001-07-08) with
MANY_PORTS SHARE_IRQ DETECT_IRQ SERIAL_PCI enabled
Feb 9 11:28:26 firewall kernel: ttyS00 at 0x03f8 (irq = 4) is a 16550A
Feb 9 11:28:26 firewall kernel: ttyS01 at 0x02f8 (irq = 3) is a 16550A
Feb 9 11:28:26 firewall kernel: Real Time Clock Driver v1.10e
Feb 9 11:28:26 firewall kernel: Software Watchdog Timer: 0.05, timer margin:
60 sec
Feb 9 11:28:26 firewall kernel: Floppy drive(s): fd0 is 1.44M
Feb 9 11:28:26 firewall kernel: FDC 0 is a post-1991 82077
Feb 9 11:28:26 firewall kernel: NET4: Linux TCP/IP 1.0 for NET4.0
Feb 9 11:28:26 firewall kernel: IP Protocols: ICMP, UDP, TCP, IGMP
Feb 9 11:28:26 firewall kernel: IP: routing cache hash table of 1024 buckets,
8Kbytes
Feb 9 11:28:26 firewall kernel: TCP: Hash tables configured (established 8192
bind 8192)
Feb 9 11:28:26 firewall kernel: NET4: Unix domain sockets 1.0/SMP for Linux
NET4.0.
Feb 9 11:28:26 firewall kernel: RAMDISK: Compressed image found at block 0
Feb 9 11:28:26 firewall kernel: Freeing initrd memory: 401k freed
Feb 9 11:28:26 firewall kernel: Freeing unused kernel memory: 64k freed
Feb 9 11:28:26 firewall kernel: pci-scan.c:v1.11 8/31/2002 Donald Becker
<[EMAIL PROTECTED]> http://www.scyld.com/linux/drivers.html
Feb 9 11:28:26 firewall kernel: 3c59x.c:v0.99Xf 11/17/2002 Donald Becker,
[EMAIL PROTECTED]
Feb 9 11:28:26 firewall kernel: http://www.scyld.com/network/vortex.html
Feb 9 11:28:26 firewall kernel: eth0: 3Com 3c905B Cyclone 100baseTx at 0x1400,
00:10:5a:18:ff:c3, IRQ 9
Feb 9 11:28:26 firewall kernel: 8K buffer 5:3 Rx:Tx split,
autoselect/Autonegotiate interface.
Feb 9 11:28:26 firewall kernel: MII transceiver found at address 24, status
7849.
Feb 9 11:28:26 firewall kernel: MII transceiver found at address 0, status
7849.
Feb 9 11:28:26 firewall kernel: Using bus-master transmits and whole-frame
receives.
Feb 9 11:28:26 firewall kernel: eth1: 3Com 3c905B Cyclone 100baseTx at 0x1480,
00:10:4b:6a:80:6d, IRQ 9
Feb 9 11:28:26 firewall kernel: 8K buffer 5:3 Rx:Tx split,
autoselect/Autonegotiate interface.
Feb 9 11:28:26 firewall kernel: MII transceiver found at address 24, status
7849.
Feb 9 11:28:26 firewall kernel: MII transceiver found at address 0, status
7849.
Feb 9 11:28:26 firewall kernel: Using bus-master transmits and whole-frame
receives.
Feb 9 11:28:26 firewall kernel: tulip.c:v0.95f 11/17/2002 Written by Donald
Becker <[EMAIL PROTECTED]>
Feb 9 11:28:26 firewall kernel: http://www.scyld.com/network/tulip.html
Feb 9 11:28:26 firewall kernel: eth2: Lite-On LC82C115 PNIC-II rev 37 at
0xc8823400, 00:A0:CC:67:D6:2D, IRQ 9.
Feb 9 11:28:28 firewall root: Shorewall Stopped
Feb 9 11:55:51 firewall root: Shorewall Stopped
----------------------------------
shorewall status
�[H�[JShorewall-1.4.2 Status at firewall - Thu Feb 9 12:00:33 UTC 2006
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- eth1 * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * eth1 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
NAT Table
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Mangle Table
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
------------------------------------------------------------------------
leaf-user mailing list: [email protected]
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/
