Colin Close <[EMAIL PROTECTED]> writes: > Florin wrote: > > > Hi, > > > >your firewall setup is obviously wrong, if I'm not mistaking ... > > > Hi Florin, > > I am using the default rules so something should work. > I think though I have a clue to the problem. > With firewall running when I run eciadsl-start scripts all goes well and I > get a connection. near the end of the fairly verbose output I get the > following error message: "Couldn't set pass filter in kernel: Invalid > argument"
this is because of an incompatibility between the kernel and the iptables package. If often occurs with the masquerading rules. I suspect you have changed either the kernel or the iptables package ... without mentioning it ... > When I run "route -n" I discover that the default route is set to the > local point to point address and not the internet address. If I run > ifconfig I can see ppp0 with the correct pair of addresses. If I then > delete the default route and reinstate it with correct route I can at > least ping an external host and see the hostname resolved by an external > dns server. I still get no replies from the ping or http from a local > machine but at least there is a connection to the internet from the fw > machine with the firewall up. what happens if you fire shorewall clear (no firewall that is) and then try to bring up the dsl connection ? Do you get a correct route ? > If I then go to the web interface using a machine on the local lan and > interrogate the adsl status ppp0 is marked as down. this is marked as down because of the ping result ... it doesn't mean the interface is down. This has been already discussed on this ml, check the archives about the /usr/share/naat/script/pingtest.sh script. > If I attempt to start > it with the green button the eciadsl-pppoeci is killed and the interface > reverts to lo. The output of route -n reflects this. > > I don't know where to go from here, do you have any pointers? this is sort of a theoretical discussion because you did'nt post anything about your firewall setup ... > Regards > > Colin Close > > > > >>Colin Close <[EMAIL PROTECTED]> writes: > >> > > > > > >>Colin Close wrote: > >> > >> > >>>Hi All, > >>> > >>>I have been try to get MNF2 beta working for two weeks now and I think I > >>>must tbe doing something stupid. > >>> > >>>The first proble I am having is that I cannot get a reliable loacal > >>>interface. > >>>I have install on a 400mHz P2 with 64M memory. I am using an 8139 based > >>>network card for eth0 at address 10.0.0.151, 255.255.255.0. I cannot get > >>>any meaningful communication through this interface. After a clean > >>>install I cannot do a local ping i.e as root on the firewall machine > >>>ping localhost or ping 10.0.0.151 gets no reply. Pings to outside > >>>machines on the same network also result in no reply. If I run Shorewall > >>>stop i can ping outside machines on the same network from the FW. > >>>Any attempt to ping FW machine from the local network results in no > >>>response. I cannot connect to the admin interface either with the > >>>firewall up or down. Over the two weeks I have re-installed a number of > >>>times and once ot twice I have had the admin interface working but I > >>>have never been able to ping localhost or 10.0.0.151 locally at the > >>>firewall. > >>> > >>>I tried a different network cards a 3COM900B and ne2k based item the > >>>3Com loads the driver but init doesn't bring it up properly since it > >>>doesn't seem to load an mii interface for it and I get an error "no > >>>network beat detected). The ne2k based item would not function at all > >>>even though the driver loaded ok. > >>> > >>>Finally a simple question. Is X supposed to install or is this now > >>>disabled; when I try and install it I get a message that "X cannot be > >>>installed" > >>>I see the package on the iso and it installs all the libraries but no > >>>server. > >>> > >>>Regards, > >>> > >>>Colin Close > >>> > >>Hi All, > >> > >> Answering my own mail here. A re-install with a newly burnt disk > >>and some additional memory seems to have improved matters. A home built > >>secure kernel with the small patch for the eciadsl userland modem driver > >>allows me to connect to an external internet address from the firewall > >>machine via the ppp0 interface as long as the firewall is stopped. I > >>cannot however ping an external host when the firewall is brought up even > >>though this appears to be allowed by the rules. > >>I can now ping from the firewall machine to local lan addresses but I > >>cannot ping the firewall machine from the local lan even though this > >>appears to be allowed by the rules. I can however connect to the admin > >>interface and change parameters from the local lan with out any problem so > >>the network connection must be ok. If I set a local lan machine to use the > >>firewall machine as its default gateway I cannot ping an external host. > >>Am I missing something obvious here; can anyone give me any pointers as to > >>where to look for the problem? > >> > >>Colin Close > >> > >>____________________________________________________ > >> Want to buy your Pack or Services from MandrakeSoft? Go to > >> http://www.mandrakestore.com > >>Join the Club : http://www.mandrakeclub.com > >>____________________________________________________ > >> > > cheers, -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________
