[leaf-user] [ leaf-Support Requests-617946 ] Can't ping/connect to firewall
Support Requests item #617946, was opened at 2002-10-03 02:20 You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=617946group_id=13751 Category: Release/Branch: Bering Group: None Status: Closed Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Mike Noyes (mhnoyes) Summary: Can't ping/connect to firewall Initial Comment: Hi, I am new to Linux (six months), and am trying to setup a Linux Router using Bering_1.0- rc3_img_bering_1680.exe. I have followed the Bering Installation/Users Guide step-by-step to setup the router using mostly default settings where possible. My problem is that my local LAN (192.168.1.0/24) cannot ping and/or connect to the Bering/Shorewall firewall? The following is the configuration of my LAN at the moment: Win2000P Bering +---+ + + LAN2-| 192.168.72.74 | | eth0:65.95.176.193 |--- PPPoE/ADSL | | || | 192.168.1.10 |-xLink RJ45-| eth1:192.168.1.254 | | | || +---+ + + On the Bering LRP, I can ping (1) eth0, (2) eth1, and the Internet, except when I tried to ping loc:192.168.1.10, I receive the following message: PING 192.168.1.10 (192.168.1.10): 56 data bytes --- 192.168.1.10 ping statistics --- 2 packets transmitted, 0 packets received, 100% packet loss I think it is something to do with either (1) iptables or (2) shorewall. But I don't have the necessary knowledge to fix it. Other information: uname -a: Linux firewall 2.4.18 #4 Sun Jun 9 09:46:15 CEST 2002 i486 unknown ip addr show: 1: lo: LOOPBACK,UP mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope host lo 2: dummy0: BROADCAST,NOARP mtu 1500 qdisc noop link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff 3: eth0: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:80:c8:35:c6:7b brd ff:ff:ff:ff:ff:ff 4: eth1: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:80:c8:93:ba:3a brd ff:ff:ff:ff:ff:ff inet 192.168.1.254/24 brd 192.168.1.255 scope global eth1 5: ppp0: POINTOPOINT,MULTICAST,NOARP,UP mtu 1492 qdisc pfifo_fast qlen 3 link/ppp inet 65.95.176.193 peer 65.95.176.1/32 scope global ppp0 ip route show: 65.95.176.1 dev ppp0 proto kernel scope link src 65.95.176.193 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.254 default via 65.95.176.1 dev ppp0 iptables -L: Chain INPUT (policy DROP) target prot opt source destination ACCEPT ah -- anywhere anywhere ppp0_inah -- anywhere anywhere eth1_inah -- anywhere anywhere common ah -- anywhere anywhere LOGah -- anywhere anywhere LOG level info prefix `Shorewall:INPUT:REJECT:' reject ah -- anywhere anywhere Chain FORWARD (policy DROP) target prot opt source destination TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU ppp0_fwd ah -- anywhere anywhere eth1_fwd ah -- anywhere anywhere common ah -- anywhere anywhere LOGah -- anywhere anywhere LOG level info prefix `Shorewall:FORWARD:REJECT:' reject ah -- anywhere anywhere Chain OUTPUT (policy DROP) target prot opt source destination ACCEPT ah -- anywhere anywhere DROP icmp -- anywhere anywhere state INVALID ACCEPT icmp -- anywhere anywhere fw2net ah -- anywhere anywhere all2allah -- anywhere anywhere common ah -- anywhere anywhere LOGah -- anywhere anywhere LOG level info prefix `Shorewall:OUTPUT:REJECT:' reject ah -- anywhere anywhere Chain all2all (3 references) target prot opt source destination ACCEPT ah -- anywhere anywhere state RELATED,ESTABLISHED common ah -- anywhere anywhere LOGah -- anywhere anywhere LOG level info prefix `Shorewall:all2all:REJECT:' reject ah -- anywhere anywhere Chain common (5 references) target prot opt source destination icmpdeficmp --
[leaf-user] [ leaf-Support Requests-617946 ] Can't ping/connect to firewall
Support Requests item #617946, was opened at 2002-10-03 00:20 You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=617946group_id=13751 Category: Release/Branch: Bering Group: None Status: Open Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Mike Noyes (mhnoyes) Summary: Can't ping/connect to firewall Initial Comment: Hi, I am new to Linux (six months), and am trying to setup a Linux Router using Bering_1.0- rc3_img_bering_1680.exe. I have followed the Bering Installation/Users Guide step-by-step to setup the router using mostly default settings where possible. My problem is that my local LAN (192.168.1.0/24) cannot ping and/or connect to the Bering/Shorewall firewall? The following is the configuration of my LAN at the moment: Win2000P Bering +---+ + + LAN2-| 192.168.72.74 | | eth0:65.95.176.193 |--- PPPoE/ADSL | | || | 192.168.1.10 |-xLink RJ45-| eth1:192.168.1.254 | | | || +---+ + + On the Bering LRP, I can ping (1) eth0, (2) eth1, and the Internet, except when I tried to ping loc:192.168.1.10, I receive the following message: PING 192.168.1.10 (192.168.1.10): 56 data bytes --- 192.168.1.10 ping statistics --- 2 packets transmitted, 0 packets received, 100% packet loss I think it is something to do with either (1) iptables or (2) shorewall. But I don't have the necessary knowledge to fix it. Other information: uname -a: Linux firewall 2.4.18 #4 Sun Jun 9 09:46:15 CEST 2002 i486 unknown ip addr show: 1: lo: LOOPBACK,UP mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope host lo 2: dummy0: BROADCAST,NOARP mtu 1500 qdisc noop link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff 3: eth0: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:80:c8:35:c6:7b brd ff:ff:ff:ff:ff:ff 4: eth1: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:80:c8:93:ba:3a brd ff:ff:ff:ff:ff:ff inet 192.168.1.254/24 brd 192.168.1.255 scope global eth1 5: ppp0: POINTOPOINT,MULTICAST,NOARP,UP mtu 1492 qdisc pfifo_fast qlen 3 link/ppp inet 65.95.176.193 peer 65.95.176.1/32 scope global ppp0 ip route show: 65.95.176.1 dev ppp0 proto kernel scope link src 65.95.176.193 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.254 default via 65.95.176.1 dev ppp0 iptables -L: Chain INPUT (policy DROP) target prot opt source destination ACCEPT ah -- anywhere anywhere ppp0_inah -- anywhere anywhere eth1_inah -- anywhere anywhere common ah -- anywhere anywhere LOGah -- anywhere anywhere LOG level info prefix `Shorewall:INPUT:REJECT:' reject ah -- anywhere anywhere Chain FORWARD (policy DROP) target prot opt source destination TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU ppp0_fwd ah -- anywhere anywhere eth1_fwd ah -- anywhere anywhere common ah -- anywhere anywhere LOGah -- anywhere anywhere LOG level info prefix `Shorewall:FORWARD:REJECT:' reject ah -- anywhere anywhere Chain OUTPUT (policy DROP) target prot opt source destination ACCEPT ah -- anywhere anywhere DROP icmp -- anywhere anywhere state INVALID ACCEPT icmp -- anywhere anywhere fw2net ah -- anywhere anywhere all2allah -- anywhere anywhere common ah -- anywhere anywhere LOGah -- anywhere anywhere LOG level info prefix `Shorewall:OUTPUT:REJECT:' reject ah -- anywhere anywhere Chain all2all (3 references) target prot opt source destination ACCEPT ah -- anywhere anywhere state RELATED,ESTABLISHED common ah -- anywhere anywhere LOGah -- anywhere anywhere LOG level info prefix `Shorewall:all2all:REJECT:' reject ah -- anywhere anywhere Chain common (5 references) target prot opt source destination icmpdeficmp --