Not a stupid question as I generally bumble thru Linux. PM firewall wrote
the rules. I answered all the questions as the default except for the one
about getting IP from DHCP. It is set up to run on eth0. I did have my
host.deny set to All: All. I deleted this and still no response. I set the
security setting in 7.1 as medium. There was no security setting for 6.1.
Ironically I can ping the machine with internet over the internet from my
office. I've included an edited selection of rules. I can't see where it
should block the internal network.

#!/bin/sh
# pmfirewall.rules.local
# ver.PM1 (do not remove this line)

### BEGIN SYSTEM DEFAULTS ###
# Block Nonroutable IP's from entering on the External Interface
$IPCHAINS -A input -j DENY -s 10.0.0.0/8 -d $OUTERNET -i $OUTERIF
$IPCHAINS -A input -j DENY -s 127.0.0.0/8 -d $OUTERNET -i $OUTERIF
$IPCHAINS -A input -j DENY -s 172.16.0.0/12 -d $OUTERNET -i $OUTERIF
$IPCHAINS -A input -j DENY -s 192.168.0.0/16 -d $OUTERNET -i $OUTERIF

#!/bin/sh
# pmfirewall.conf - used by pmfirewall package
IPCHAINS=/sbin/ipchains
ATBOOT=1
CONFIG_DIR=/usr/local/pmfirewall
OUTERIF=eth0
REMOTENET=0/0
OUTERIP=`ifconfig $OUTERIF | grep inet | cut -d : -f 2 | cut -d \  -f 1`
OUTERMASK=`ifconfig $OUTERIF | grep Mas | cut -d : -f 4`
OUTERNET=$OUTERIP/$OUTERMASK

#### EXAMPLES ###

### ALLOWED NETWORKS
# Add in any rules to specifically allow connections from hosts/nets that
# would otherwise be blocked.
#$IPCHAINS -A input -s [trusted host/net] -d $OUTERNET <ports> -j ACCEPT

### BLOCKED NETWORKS
# Add in any rules to specifically block connections from hosts/nets that
# have been known to cause problems. These packets are logged.
#$IPCHAINS -A input -s [banned host/net] -d $OUTERNET <ports> -j DENY -l

### BLOCK ICMP ATTACKS
#
#$IPCHAINS -A input -b -i $OUTERIF -p icmp -s [host/net] -d $OUTERNET -j DENY -l

--- Greg Stewart <[EMAIL PROTECTED]> wrote:
> Um, have you set these ipchains rules yourself? Or, is some script setting
> them for you?
> Did you know that you have ipchains rules set in the first place?
> (Stupid question, I know, but it doesn't hurt to ask).
>
> You may want to check to make sure your internal IPs do not exist in
> hosts.deny.
>
> Let me know what security level you installed MDK with.
>
> Check to make sure that your ipchains rules do not DENY the 192.168.0.0
> subnet for the internal network.
>
> For some reason your machine is set to drop packets on port 8, or it may be
> set to drop everything from non-routable subnets (10.0.0.0, 176, 127.0.0.0,
> 172.16.0.0, 192.168.0.0) on all interfaces--I don't know, and can't tell
> from here without more info.
>
> I'll have to think on this one for now...it's late and I have to wake up in
> four hours for work...
>
> --Greg
>
> ----- Original Message -----
> From: "Dan" <[EMAIL PROTECTED]>
>
> > I forgot to include that. I think I did that already:
> >
> > This is for the host.allow file for 196.168.0.2:
> >
> > #
> > # hosts.allow   This file describes the names of the hosts which are
> > #               allowed to use the local INET services, as decided
> > #               by the '/usr/sbin/tcpd' server.
> > #
> > ALL: 127.
> > All: 192.168.0.1
> >
> > This is the host.allow for 196.168.0.1:
> >
> > #
> > # hosts.allow   This file describes the names of the hosts which are
> > #               allowed to use the local INET services, as decided
> > #               by the '/usr/sbin/tcpd' server.
> > #
> > #
> > All: 127
> > All: 192.168.0.2
> >
> > It still doesn't work.
> >
> > --- Greg Stewart <[EMAIL PROTECTED]> wrote:
> > > You obviously have to add each machine's IP address to the other
> > > machine's /etc/host.allow file. You can either do this by simply
> > > typing the IP address, or as follows:
> > >
> > > ALL:192.168.0.x
> > >
> > > where 'x' is the other machine's number on the subnet.
> > >
> > > --Greg
> > >
> > > ----- Original Message -----
> > > From: "Dan" <[EMAIL PROTECTED]>
> > >
> > > > I'm having a problem connecting two machines: one running Mandrake
> > > > 7.1 and one running 6.1. The machine running 7.1 has Roadrunner on
> > > > eth0 with the IP assigned by DHCP and this works fine. I put a
> > > > second NIC card in this machine (DFE-530TX+) and it seems to be
> > > > working per ifconfig info:
> > > >
> > > > eth1      Link encap:Ethernet  HWaddr 00:50:BA:40:57:43
> > > >           inet addr:192.168.0.1  Bcast:192.168.0.255  Mask:255.255.255.0
> > > >           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> > > >           RX packets:10 errors:0 dropped:0 overruns:0 frame:0
> > > >           TX packets:2 errors:0 dropped:0 overruns:0 carrier:0
> > > >           collisions:0 txqueuelen:100
> > > >           Interrupt:18 Base address:0xd800
> > > >
> > > > I gave the card in the machine running 6.1 the address 192.168.0.2.
> > > > I set 192.168.0.1 machine as the gateway. The problem is I can't
> > > > ping the other machine. I can ping the machines locally, i.e.
> > > > 192.168.0.1 can be pinged from 192.168.0.1. When I try to ping
> > > > 192.168.0.1 from 192.168.0.2, nothing happens. When I ctrl C I get
> > > > a message that all packets were lost. The same thing happens in
> > > > reverse. I did happen to look in /var/log/messages in the machine
> > > > that was pinged and found the following:
> > > >
> > > > Sep 12 18:37:09 cm-24-161-17-97 kernel: Packet log: input DENY eth1 PROTO=1 192.168.0.2:8 192.168.0.1:0 L=84 S=0x00 I=34 F=0x0000 T=64 (#30)
> > > >
> > > > This appears in both machines' log files for every packet sent. It
> > > > appears there is some sort of security setting that is dropping the
> > > > packets? I just can't figure out where.
> > > >
> > > > Both machines have IP chains and PM firewall installed since both
> > > > at one time or another have had internet access. The one currently
> > > > with internet access has PM firewall running on eth0. On the other
> > > > machine I ran "PM Firewall stop".
> > > >
> > > > Any help much appreciated.
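
Added example (not part of the original messages and not PMFirewall code): a parser for the ipchains "Packet log" line quoted in the thread. In this log format an ICMP packet (PROTO=1) shows its ICMP type after the source address and its ICMP code after the destination address, and (#30) is the number of the matching rule in the named chain. The function names parse and posted_rules_matching are hypothetical; the second one tests the four posted DENY rules by interface and source network only, because the value of $OUTERNET is not shown.

```python
import ipaddress
import re

# Log line quoted in the thread (ipchains "Packet log" format).
LOG = ("Sep 12 18:37:09 cm-24-161-17-97 kernel: Packet log: input DENY eth1 "
       "PROTO=1 192.168.0.2:8 192.168.0.1:0 L=84 S=0x00 I=34 F=0x0000 T=64 (#30)")

# The four posted DENY rules as (source network, interface). OUTERIF=eth0 per
# the posted pmfirewall.conf; -d $OUTERNET is not evaluated (value not shown).
POSTED_RULES = [(n, "eth0") for n in
                ("10.0.0.0/8", "127.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

PATTERN = re.compile(
    r"Packet log: (?P<chain>\S+) (?P<action>\S+) (?P<iface>\S+) "
    r"PROTO=(?P<proto>\d+) (?P<src>[\d.]+):(?P<sport>\d+) "
    r"(?P<dst>[\d.]+):(?P<dport>\d+) L=(?P<length>\d+) S=(?P<tos>0x[0-9A-Fa-f]+) "
    r"I=(?P<ip_id>\d+) F=(?P<frag>0x[0-9A-Fa-f]+) T=(?P<ttl>\d+)"
    r"(?: \(#(?P<rule>\d+)\))?")

ICMP_TYPES = {0: "echo-reply", 3: "destination-unreachable",
              8: "echo-request", 11: "time-exceeded"}

def parse(line):
    """Return the log fields as a dict, or None if the line is not a packet log."""
    m = PATTERN.search(line)
    if m is None:
        return None
    f = m.groupdict()
    for key in ("proto", "sport", "dport", "length", "ip_id", "ttl"):
        f[key] = int(f[key])
    f["rule"] = int(f["rule"]) if f["rule"] else None
    if f["proto"] == 1:
        # For ICMP the "port" slots carry the type (source) and code (dest).
        f["icmp_type"] = ICMP_TYPES.get(f["sport"], str(f["sport"]))
        f["icmp_code"] = f["dport"]
    return f

def posted_rules_matching(pkt):
    """Posted rules whose interface and source network both match the packet."""
    src = ipaddress.ip_address(pkt["src"])
    return [(net, ifc) for net, ifc in POSTED_RULES
            if ifc == pkt["iface"] and src in ipaddress.ip_network(net)]

if __name__ == "__main__":
    pkt = parse(LOG)
    print(pkt["chain"], pkt["action"], pkt["iface"], pkt["icmp_type"],
          "code", pkt["icmp_code"], "rule", pkt["rule"])
    print("posted rules matching:", posted_rules_matching(pkt))
```

The logged packet is an echo request denied on eth1 by input rule 30, and none of the four posted rules match it because they are bound to eth0, so the rule to inspect is the 30th entry of the live input chain rather than the excerpt.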