Hi Lule (Mr.), I'm still with you. I pity those people who think it takes a CCIE to configure a 2600 series for HDLC. Your configs are looking good.
Can I ask for one last dump, I won't bother you again till I have some answers. My experience with SuSE 9.1 on a Dell was worse, it gave me an oil paint-like display and I really didn't have the energy to persist. Give us a dmesg will you. It should tell us what kind of hardware we are dealing with. Bernard Wanyama Support Engineer Linux Solutions Uganda Cell: +256 71 193 979 > > >> Hmmm... has anybody contacted Kiggs on this matter? Bwana Kiggs, > where art thou? If I do remember correctly, he does market SuSE in East > and central Africa now doesn't he? >> >> As for Lule George William (Mr) I think your linux/cisco skills need > honing. > > 1) True, I wont deny that but I wonder if you are so many on this list > that have reached the pinnacle of your Linux/Cisco skills and no longer > need to horn them. > 2) If you are making that statement basing on the configurations I > posted, you have forgetten that somewhere in my posting I mentioned > that the last installation of this server has no firewall, no named, no > bind no nothing installed. And as for the router I picked a new one(not > my regular prouction one), I just made the basic of configurations just > enough to get to get me on the internet and plugged it in. It isn't my > regular fully configured router and neither is this server that is > disturbing me my regular proxy. I am just setting it up and with this > router, we(those who still need to horn their Linux/Cisco skills) can > fiddle around with a variety of configurations till we sort out this > problem without disturbing a hair of my installed setup. > >>A bad workman always blames his tools! Choose an OS and stick to it. > > OOOPssss, someone is telling me to stick to 7.2!!!! > >>This world has too many double agents already! > > I bought my software (two original copies) from a one Kiggs of kymnet, > could he be one of those agents you warn me about? > >> >> Simon says Slackware! You simply can't go wrong... > > Let us first fail to solve the SuSE problem then only can I be conviced > to look at another distribution. > > And my final say Mr. Ssekidde calling me a bad workman because I have > posted a problem I have failed to solve doesn't do this list any good. > I think that is why it was created in the first place and that is the > impression James Wire Lunghabo gave me when he introduced me to it and > unfortunately it is the same impression I gave some four young linux > enthusiasts when I encouraged them to sign up. Are we wrong Mr. > Ssekidde? > >> >> http://www.slackware.com/ >> http://www.slackware.com/announce/10.0.php >> >> Sekidde >> >> >> "Lule George William" <[EMAIL PROTECTED]> wrote: >> >> > >> >Hello guys, >> >I didn't just let this thread die off. Just been doing alot of work > on >> >this machine and currently here is the update since my last posting. >> 1) Knocked off SuSE 9.1 and installed 8.0, just to C how it will >> behave. There was no change with 9.0. >> >2) Knocked off 8.0 and placed on Windoze 2K Server. Windoze behaved >> well!!! Could ping both the router and my internal network, >> >perfectly!!! This practically ruled out hardware malfunction. >> >3) Knocked off Windoze and placed back 9.1. No firewall configured, > no >> >named, no nothing, the weird behaviour returned, can ping the > internal >> >network, returns network unreachable when pinging the router. >> >4) Since the router is a 2611 with a 10Mbps connection Simon advised >> me >> >not to allow the card facing the router to autonegotiate but fix it > at >> >10Mbs Half Duplex. I did that but there was no change. >> >5) Went to the stores and picked another new 2611, gave it a >> >configuration just enough for us to get onto the Internet, plugged > it >> >in in place of the old one. Still no change. >> >So at this point I start to answer your questions: >> > >> > >> >> Hi, >> >> >> >> Could you drop us the following configs (you can censor your IPs ) >> >> >> >> Router >> >> - sh run, >> > >> > >> >UMU#sh running-config >> >Building configuration... >> > >> >Current configuration : 790 bytes >> >! >> >version 12.2 >> >service timestamps debug uptime >> >service timestamps log uptime >> >no service password-encryption >> >! >> >hostname UMU >> >! >> >enable secret 5 $1$MHGk$wXIwNX2OPyqpApF3xAyGm1 >> >enable password ************ >> >! >> >ip subnet-zero >> >! >> >! >> >ip name-server 212.88.97.** >> >ip name-server 212.88.97.** >> >! >> >! >> >! >> >! >> >interface Ethernet0/0 >> > ip address 212.88.97.** 255.255.255.** >> > no ip mroute-cache >> > half-duplex >> >! >> >interface Serial0/0 >> > ip address 212.88.96.** 255.255.255.** >> > no ip mroute-cache >> >! >> >interface Ethernet0/1 >> > no ip address >> > no ip mroute-cache >> > shutdown >> > half-duplex >> >! >> >ip default-gateway 212.88.96.** >> >ip classless >> >ip route 0.0.0.0 0.0.0.0 212.88.96.** >> >ip route 0.0.0.0 0.0.0.0 212.88.96.** >> >ip http server >> >ip pim bidir-enable >> >! >> >! >> >line con 0 >> >line aux 0 >> >line vty 0 4 >> > exec-timeout 30 0 >> > password ******** >> > login >> >! >> >end >> > >> >UMU# >> > >> >> - sh int e0 (or sh int fa0) >> > >> >UMU#sh interfaces ethernet 0/0 >> >Ethernet0/0 is up, line protocol is up >> > Hardware is AmdP2, address is 0009.b7fe.6620 (bia 0009.b7fe.6620) >> Internet address is 212.88.97.**/** >> > MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec, >> > reliability 255/255, txload 1/255, rxload 1/255 >> > Encapsulation ARPA, loopback not set >> > Keepalive set (10 sec) >> > ARP type: ARPA, ARP Timeout 04:00:00 >> > Last input 00:00:23, output 00:00:00, output hang never >> > Last clearing of "show interface" counters never >> > Queueing strategy: fifo >> > Output queue 0/40, 0 drops; input queue 0/75, 0 drops >> > 5 minute input rate 3000 bits/sec, 2 packets/sec >> > 5 minute output rate 8000 bits/sec, 3 packets/sec >> > 11235 packets input, 1445083 bytes, 0 no buffer >> > Received 6 broadcasts, 0 runts, 0 giants, 0 throttles >> > 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored >> > 0 input packets with dribble condition detected >> > 10791 packets output, 7595172 bytes, 0 underruns >> > 11 output errors, 0 collisions, 1 interface resets >> > 0 babbles, 0 late collision, 2 deferred >> > 11 lost carrier, 0 no carrier >> > 0 output buffer failures, 0 output buffers swapped out >> > >> > >> >> - debug interface e0 (or debug int fa0) >> > >> >UMU#debug interface ethernet 0/0 >> >Condition 1 set >> >UMU#debug interface ethernet 0/0 >> >% Condition already set >> > >> > >> >> >> >> Firewall >> >> - ifconfig >> > >> >eth0 Link encap:Ethernet HWaddr 00:0B:CD:D0:C2:48 >> > inet addr:192.168.22.5 Bcast:192.168.255.255 >> >Mask:255.255.0.0 >> > inet6 addr: fe80::20b:cdff:fed0:c248/64 Scope:Link >> > UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 >> >Metric:1 >> > RX packets:1306 errors:0 dropped:0 overruns:0 frame:0 TX >> packets:204 errors:0 dropped:0 overruns:0 carrier:0 >> collisions:0 txqueuelen:1000 >> > RX bytes:415917 (406.1 Kb) TX bytes:32097 (31.3 Kb) >> Interrupt:19 >> > >> >eth1 Link encap:Ethernet HWaddr 00:04:79:67:E5:4B >> > inet addr:212.88.97.222 Bcast:212.88.97.223 >> >Mask:255.255.255.240 >> > inet6 addr: fe80::204:79ff:fe67:e54b/64 Scope:Link >> > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 >> > RX packets:556 errors:0 dropped:0 overruns:0 frame:0 TX >> packets:1077 errors:0 dropped:0 overruns:0 carrier:0 >> collisions:0 txqueuelen:1000 >> > RX bytes:46195 (45.1 Kb) TX bytes:81764 (79.8 Kb) >> > Interrupt:27 Base address:0x3000 >> > >> >lo Link encap:Local Loopback >> > inet addr:127.0.0.1 Mask:255.0.0.0 >> > inet6 addr: ::1/128 Scope:Host >> > UP LOOPBACK RUNNING MTU:16436 Metric:1 >> > RX packets:132 errors:0 dropped:0 overruns:0 frame:0 TX >> packets:132 errors:0 dropped:0 overruns:0 carrier:0 >> collisions:0 txqueuelen:0 >> > RX bytes:12332 (12.0 Kb) TX bytes:12332 (12.0 Kb) >> > >> > >> >> - iptables -nv --list >> > >> >umupo:~ # iptables -nv --list >> >Chain INPUT (policy DROP 0 packets, 0 bytes) >> > pkts bytes target prot opt in out source >> >destination >> > 10 652 ACCEPT all -- lo * 0.0.0.0/0 >> >0.0.0.0/0 >> > 0 0 DROP all -- eth1 * 0.0.0.0/0 >> >255.255.255.255 >> > 0 0 DROP all -- eth1 * 0.0.0.0/0 >> >212.88.97.223 >> > 0 0 input_ext all -- eth1 * 0.0.0.0/0 >> >0.0.0.0/0 >> > 499 292K input_int all -- eth0 * 0.0.0.0/0 >> >0.0.0.0/0 >> > 0 0 LOG all -- eth0 * 0.0.0.0/0 >> >212.88.97.222 LOG flags 6 level 4 prefix `SFW2-IN- > ACC_DENIED_INT >> >' >> > 0 0 DROP all -- eth0 * 0.0.0.0/0 >> >212.88.97.222 >> > 0 0 LOG all -- * * 0.0.0.0/0 >> >0.0.0.0/0 LOG flags 6 level 4 prefix `SFW2-IN-ILL-TARGET ' >> > 0 0 DROP all -- * * 0.0.0.0/0 >> >0.0.0.0/0 >> > >> >Chain FORWARD (policy DROP 0 packets, 0 bytes) >> > pkts bytes target prot opt in out source >> >destination >> > 0 0 TCPMSS tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU >> > >> >Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) >> > pkts bytes target prot opt in out source >> >destination >> > 10 652 ACCEPT all -- * lo 0.0.0.0/0 >> >0.0.0.0/0 >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 11 LOG flags 6 level 4 prefix >> >`SFW2-OUT-TRACERT-ATTEMPT ' >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 11 >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 3 code 3 >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 3 code 4 >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 3 code 9 >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 3 code 10 >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 3 code 13 >> > 0 0 DROP icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 3 >> > 224 30943 ACCEPT all -- * * 0.0.0.0/0 >> >0.0.0.0/0 state NEW,RELATED,ESTABLISHED >> > 0 0 LOG all -- * * 0.0.0.0/0 >> >0.0.0.0/0 LOG flags 6 level 4 prefix `SFW2-OUTPUT-ERROR ' >> > >> >Chain forward_dmz (0 references) >> > pkts bytes target prot opt in out source >> >destination >> > >> >Chain forward_ext (0 references) >> > pkts bytes target prot opt in out source >> >destination >> > >> >Chain forward_int (0 references) >> > pkts bytes target prot opt in out source >> >destination >> > >> >Chain input_dmz (0 references) >> > pkts bytes target prot opt in out source >> >destination >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 8 >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0 >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED icmp type 3 >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED icmp type 11 >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED icmp type 12 >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED icmp type 14 >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED icmp type 18 >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix >> >`SFW2-INdmz-DROP-ICMP-CRIT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix >> >`SFW2-INdmz-DROP-ICMP-CRIT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix >> >`SFW2-INdmz-DROP-ICMP-CRIT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix >> >`SFW2-INdmz-DROP-ICMP-CRIT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 2 LOG flags 6 level 4 prefix >> >`SFW2-INdmz-DROP-ICMP-CRIT ' >> > 0 0 DROP icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 >> > 0 0 reject_func tcp -- * * > 0.0.0.0/0 >> >0.0.0.0/0 tcp dpt:113 flags:0x16/0x02 >> > 0 0 LOG tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 tcp dpt:22 flags:0x16/0x02 LOG flags 6 level 4 >> prefix `SFW2-INdmz-DROP ' >> > 0 0 DROP tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 tcp dpt:22 flags:0x16/0x02 >> > 0 0 LOG tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 tcp dpt:111 flags:0x16/0x02 LOG flags 6 level 4 >> prefix `SFW2-INdmz-DROP ' >> > 0 0 DROP tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 tcp dpt:111 flags:0x16/0x02 >> > 0 0 LOG tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 tcp dpt:631 flags:0x16/0x02 LOG flags 6 level 4 >> prefix `SFW2-INdmz-DROP ' >> > 0 0 DROP tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 tcp dpt:631 flags:0x16/0x02 >> > 0 0 LOG tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED tcp flags:0x16/0x02 > LOG >> >flags 6 level 4 prefix `SFW2-INdmz-ACC-HiTCP ' >> > 0 0 ACCEPT tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED >> > 0 0 ACCEPT udp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED >> > 0 0 DROP udp -- * * 0.0.0.0/0 >> >0.0.0.0/0 udp dpt:22 state NEW >> > 0 0 DROP udp -- * * 0.0.0.0/0 >> >0.0.0.0/0 udp dpt:111 state NEW >> > 0 0 DROP udp -- * * 0.0.0.0/0 >> >0.0.0.0/0 udp dpt:111 state NEW >> > 0 0 DROP udp -- * * 0.0.0.0/0 >> >0.0.0.0/0 udp dpt:631 state NEW >> > 0 0 DROP udp -- * * 0.0.0.0/0 >> >0.0.0.0/0 udp dpt:631 state NEW >> > 0 0 LOG tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix >> `SFW2-INdmz-DROP-DEFLT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix >> >`SFW2-INdmz-DROP-DEFLT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix >> >`SFW2-INdmz-DROP-DEFLT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 8 LOG flags 6 level 4 prefix >> >`SFW2-INdmz-DROP-DEFLT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix >> >`SFW2-INdmz-DROP-DEFLT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix >> >`SFW2-INdmz-DROP-DEFLT ' >> > 0 0 LOG udp -- * * 0.0.0.0/0 >> >0.0.0.0/0 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP- > DEFLT >> >' >> > 0 0 LOG all -- * * 0.0.0.0/0 >> >0.0.0.0/0 state INVALID LOG flags 6 level 4 prefix >> >`SFW2-INdmz-DROP-DEFLT-INV ' >> > 0 0 DROP all -- * * 0.0.0.0/0 >> >0.0.0.0/0 >> > >> >Chain input_ext (1 references) >> > pkts bytes target prot opt in out source >> >destination >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix >> >`SFW2-INext-ACC-SOURCEQUENCH ' >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 4 >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 8 >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0 >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED icmp type 3 >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED icmp type 11 >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED icmp type 12 >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED icmp type 14 >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED icmp type 18 >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix >> >`SFW2-INext-DROP-ICMP-CRIT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix >> >`SFW2-INext-DROP-ICMP-CRIT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix >> >`SFW2-INext-DROP-ICMP-CRIT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix >> >`SFW2-INext-DROP-ICMP-CRIT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 2 LOG flags 6 level 4 prefix >> >`SFW2-INext-DROP-ICMP-CRIT ' >> > 0 0 DROP icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 >> > 0 0 reject_func tcp -- * * > 0.0.0.0/0 >> >0.0.0.0/0 tcp dpt:113 flags:0x16/0x02 >> > 0 0 LOG tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 tcp dpt:22 flags:0x16/0x02 LOG flags 6 level 4 >> prefix `SFW2-INext-DROP ' >> > 0 0 DROP tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 tcp dpt:22 flags:0x16/0x02 >> > 0 0 LOG tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 tcp dpt:111 flags:0x16/0x02 LOG flags 6 level 4 >> prefix `SFW2-INext-DROP ' >> > 0 0 DROP tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 tcp dpt:111 flags:0x16/0x02 >> > 0 0 LOG tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 tcp dpt:631 flags:0x16/0x02 LOG flags 6 level 4 >> prefix `SFW2-INext-DROP ' >> > 0 0 DROP tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 tcp dpt:631 flags:0x16/0x02 >> > 0 0 LOG tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED tcp flags:0x16/0x02 > LOG >> >flags 6 level 4 prefix `SFW2-INext-ACC-HiTCP ' >> > 0 0 ACCEPT tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED >> > 0 0 ACCEPT udp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED >> > 0 0 DROP udp -- * * 0.0.0.0/0 >> >0.0.0.0/0 udp dpt:22 state NEW >> > 0 0 DROP udp -- * * 0.0.0.0/0 >> >0.0.0.0/0 udp dpt:111 state NEW >> > 0 0 DROP udp -- * * 0.0.0.0/0 >> >0.0.0.0/0 udp dpt:111 state NEW >> > 0 0 DROP udp -- * * 0.0.0.0/0 >> >0.0.0.0/0 udp dpt:631 state NEW >> > 0 0 DROP udp -- * * 0.0.0.0/0 >> >0.0.0.0/0 udp dpt:631 state NEW >> > 0 0 LOG tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix >> `SFW2-INext-DROP-DEFLT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix >> >`SFW2-INext-DROP-DEFLT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix >> >`SFW2-INext-DROP-DEFLT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 8 LOG flags 6 level 4 prefix >> >`SFW2-INext-DROP-DEFLT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix >> >`SFW2-INext-DROP-DEFLT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix >> >`SFW2-INext-DROP-DEFLT ' >> > 0 0 LOG udp -- * * 0.0.0.0/0 >> >0.0.0.0/0 LOG flags 6 level 4 prefix `SFW2-INext-DROP- > DEFLT >> >' >> > 0 0 LOG all -- * * 0.0.0.0/0 >> >0.0.0.0/0 state INVALID LOG flags 6 level 4 prefix >> >`SFW2-INext-DROP-DEFLT-INV ' >> > 0 0 DROP all -- * * 0.0.0.0/0 >> >0.0.0.0/0 >> > >> >Chain input_int (1 references) >> > pkts bytes target prot opt in out source >> >destination >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 8 >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED icmp type 0 >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED icmp type 3 >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED icmp type 11 >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED icmp type 12 >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED icmp type 14 >> > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED icmp type 18 >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix >> >`SFW2-INint-DROP-ICMP-CRIT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix >> >`SFW2-INint-DROP-ICMP-CRIT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix >> >`SFW2-INint-DROP-ICMP-CRIT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix >> >`SFW2-INint-DROP-ICMP-CRIT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 2 LOG flags 6 level 4 prefix >> >`SFW2-INint-DROP-ICMP-CRIT ' >> > 0 0 DROP icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 >> > 3 144 LOG tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 tcp dpt:23 flags:0x16/0x02 LOG flags 6 level 4 >> prefix `SFW2-INint-ACC-TCP ' >> > 3 144 ACCEPT tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state NEW,RELATED,ESTABLISHED tcp dpt:23 >> > 0 0 reject_func tcp -- * * > 0.0.0.0/0 >> >0.0.0.0/0 tcp dpt:113 flags:0x16/0x02 >> > 5 240 LOG tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 tcp dpt:22 flags:0x16/0x02 LOG flags 6 level 4 >> prefix `SFW2-INint-DROP ' >> > 5 240 DROP tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 tcp dpt:22 flags:0x16/0x02 >> > 0 0 LOG tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 tcp dpt:111 flags:0x16/0x02 LOG flags 6 level 4 >> prefix `SFW2-INint-DROP ' >> > 0 0 DROP tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 tcp dpt:111 flags:0x16/0x02 >> > 0 0 LOG tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 tcp dpt:631 flags:0x16/0x02 LOG flags 6 level 4 >> prefix `SFW2-INint-DROP ' >> > 0 0 DROP tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 tcp dpt:631 flags:0x16/0x02 >> > 0 0 LOG tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED tcp flags:0x16/0x02 > LOG >> >flags 6 level 4 prefix `SFW2-INint-ACC-HiTCP ' >> > 197 184K ACCEPT tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED >> > 12 1268 ACCEPT udp -- * * 0.0.0.0/0 >> >0.0.0.0/0 state RELATED,ESTABLISHED >> > 0 0 DROP udp -- * * 0.0.0.0/0 >> >0.0.0.0/0 udp dpt:22 state NEW >> > 0 0 DROP udp -- * * 0.0.0.0/0 >> >0.0.0.0/0 udp dpt:111 state NEW >> > 0 0 DROP udp -- * * 0.0.0.0/0 >> >0.0.0.0/0 udp dpt:111 state NEW >> > 9 1494 DROP udp -- * * 0.0.0.0/0 >> >0.0.0.0/0 udp dpt:631 state NEW >> > 0 0 DROP udp -- * * 0.0.0.0/0 >> >0.0.0.0/0 udp dpt:631 state NEW >> > 0 0 LOG tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix >> `SFW2-INint-DROP-DEFLT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 4 LOG flags 6 level 4 prefix >> >`SFW2-INint-DROP-DEFLT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 5 LOG flags 6 level 4 prefix >> >`SFW2-INint-DROP-DEFLT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 8 LOG flags 6 level 4 prefix >> >`SFW2-INint-DROP-DEFLT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 13 LOG flags 6 level 4 prefix >> >`SFW2-INint-DROP-DEFLT ' >> > 0 0 LOG icmp -- * * 0.0.0.0/0 >> >0.0.0.0/0 icmp type 17 LOG flags 6 level 4 prefix >> >`SFW2-INint-DROP-DEFLT ' >> > 273 104K LOG udp -- * * 0.0.0.0/0 >> >0.0.0.0/0 LOG flags 6 level 4 prefix `SFW2-INint-DROP- > DEFLT >> >' >> > 0 0 LOG all -- * * 0.0.0.0/0 >> >0.0.0.0/0 state INVALID LOG flags 6 level 4 prefix >> >`SFW2-INint-DROP-DEFLT-INV ' >> > 273 104K DROP all -- * * 0.0.0.0/0 >> >0.0.0.0/0 >> > >> >Chain reject_func (3 references) >> > pkts bytes target prot opt in out source >> >destination >> > 0 0 REJECT tcp -- * * 0.0.0.0/0 >> >0.0.0.0/0 reject-with tcp-reset >> > 0 0 REJECT udp -- * * 0.0.0.0/0 >> >0.0.0.0/0 reject-with icmp-port-unreachable >> > 0 0 REJECT all -- * * 0.0.0.0/0 >> >0.0.0.0/0 reject-with icmp-proto-unreachable >> >umupo:~ # >> > >> >> >> >> This should tell us a better story. >> > >> >Hope this story will have a good ending. >> > >> >Someone in another post had requested asked to do something using >> mii-tool. Before I could even do it, mii-tool refused to run on the >> machine as shown below >> > >> >umupo:~ # mii-tool -w eth2 >> >SIOCGMIIPHY on 'eth2' failed: Invalid argument >> > >> >When I insisted: >> > >> >umupo:~ # mii-tool -F 10BaseT-HD eth1 >> >SIOCGMIIPHY on 'eth1' failed: Operation not supported >> > >> >ethtool didn't behave any better. Was giving me also errors. >> > >> >Someone in another post also mentioned something to do with vlans on >> the catalyst 2950. Well I haven't done any configuration on that >> switch as yet. Just got it out of its box and plucked it into the >> network. And besides, if that were the case, I would have already > had >> >this problem with my current proxy and also the windoze earlier >> mentioned wouldn't have behaved at all!! >> > >> >I really appreciate all your help, and I have a very strong feeling >> that I am not the last one to have this problem with 9.1. We need a >> solution early... >> > >> >> >> >> Bernard Wanyama >> >> Support Engineer >> >> Linux Solutions Uganda >> >> Cell: +256 71 193 979 >> >> >> >> > Hello Guys, >> >> > I am dying to say (read type) some very, very, very nasty > things >> >about >> >> > SuSE 9.1 but let me hold them back and just put across the > source >> >of my >> >> > frustration. >> >> > Last Friday (I am typing this mail at the end of Wednesday) I > made >> >a >> >> > clean install of SuSE 9.1 on a new machine with specs: HP > Compaq, >> >Intel >> >> > Xeon Processor 2.4 GHZ, 1 GB RAM, 2 x 40GB HDD. Since among its >> >other >> >> > intended functions, it also going to be our proxy, I added a 2nd >> >n/w >> >> > card on top of its onboard gigabit ethernet card and then > embarked >> >on >> >> > the installation. >> >> > It detected my network cards O.K and using YAST, I I.P > addressed >> >them >> >> > and after which I did the proverbial ping test. I had configured >> >the >> >> > onboard to face our internal network and the other card to face >> >the >> >> > internet. The onboard returned the ping from all the internal >> >machines >> >> > O.K, but the second card gave me a network unreachable error. Re- > >> >check >> >> > the values, re-enter them all O.K but still network unreachable >> >errors. >> >> > As a test, at this point, I decided to configure the onboard >> >instead to >> >> > face the internet and the second card to face the internal >> >network. >> >The >> >> > ping responded form all the machines on the internal network but >> >got >> >> > network unreachable errors from the onboard card. That > confirmed >> >both >> >> > cards to be O.K. >> >> > When I switched the onboard to face the internal n/w again, > BOTH >> >cards >> >> > returned network unreachable errors!!!!!! I got two other > WORKING >> >cards >> >> > placed them into the machine, spent my saturday, my sunday, >> >monday, >> >> > tuesday, googled my (oops no nasty words!!) off and the circus >> continued, ping from inside, network unreachable errors from >> >outside. >> >> > In between, I configured BIND which returns a succesfull dig >> >@localhost >> >> > but no remote servers found error when I try to dig anything > else. >> >I >> >> > think its because of the other problem. I installed and > configured >> >> > squid which is also dying with a DNS name lookup tests failed >> >error. I >> >> > still think it is the other problem. I have configured and >> >reconfigured >> >> > SuSEfirewall2 a million times but still no luck. I have > disabled >> >ipv6, >> >> > set static routes, checked all files in /etc/sysconfig/network >> >against >> >> > recommended ones and so many other things but still no luck. Can >> someone out there save my sanity?? Honest!! This thing is >> >driving >> >> > me mad!!!! >> >> > >> >> > >> >>*********************************************************************** > * >> > >> >> > Lule George William (Mr) >> >> > Network and Systems Administrator >> >> > Uganda Martyrs University, Nkozi >> >> > P.O. Box 5498 Kampala >> >> > Uganda >> >> > >> >> > >> >> > --------------------------------------------- >> >> > This service is hosted on the Infocom network >> >> > http://www.infocom.co.ug >> >> >> >> >> >> >> >> >> >> >> >> --------------------------------------------- >> >> This service is hosted on the Infocom network >> >> http://www.infocom.co.ug >> >> >> >> >> > >> >>*********************************************************************** > * >> > >> >Lule George William (Mr) >> >Network and Systems Administrator >> >Uganda Martyrs University, Nkozi >> >P.O. Box 5498 Kampala >> >Uganda >> > >> > >> >--------------------------------------------- >> >This service is hosted on the Infocom network >> >http://www.infocom.co.ug >> > >> >> __________________________________________________________________ >> Switch to Netscape Internet Service. >> As low as $9.95 a month -- Sign up today at > http://isp.netscape.com/register >> >> Netscape. Just the Net You Need. >> >> New! Netscape Toolbar for Internet Explorer >> Search from anywhere on the Web and block those annoying pop-ups. >> Download now at http://channels.netscape.com/ns/search/install.jsp >> >> >> --------------------------------------------- >> This service is hosted on the Infocom network >> http://www.infocom.co.ug >> >> > > ************************************************************************ > Lule George William (Mr) > Network and Systems Administrator > Uganda Martyrs University, Nkozi > P.O. Box 5498 Kampala > Uganda > > > --------------------------------------------- > This service is hosted on the Infocom network > http://www.infocom.co.ug --------------------------------------------- This service is hosted on the Infocom network http://www.infocom.co.ug
