I just upgraded to slack 9.0. After a fresh install I have only changed 2 things.

Added to rc.local:
ifconfig eth1 192.168.0.101 netmask 255.255.255.0 up
dnsmasq eth1 start    <--- I also updated config file /etc/dnsmasq.conf

The Windows computer in my local network gets an IP in the specified range and recognizes the Linux router as the gateway. The problem I'm having is that the router is dropping all other packets. I can't ssh or even ping it. I did an iptables -F just to be sure but no luck. What else would tell Linux to drop packets? Is dnsmasq doing anything extra I don't know about?

I am new to all of this so any help is appreciated.
thanks!
...aaron
| |||
"armantic" <armantic101@gmail.com> wrote:
> I just upgraded to slack 9.0.

Why did you upgrade to a release that is almost 3 years old?

> After a fresh install I have only changed 2 things.
>
> Added to rc.local:
> ifconfig eth1 192.168.0.101 netmask 255.255.255.0 up
> dnsmasq eth1 start    <--- I also updated config file /etc/dnsmasq.conf
>
> The Windows computer in my local network gets an IP in the specified
> range and recognizes the Linux router as the gateway. The problem I'm
> having is that the router is dropping all other packets. I can't ssh or
> even ping it. I did an iptables -F just to be sure but no luck. What
> else would tell Linux to drop packets?

My guess is that the packets are not dropped, but the replies are sent out the default route which is probably eth0. A line with ifconfig will not be enough, you will also need a line looking something like:

route add -net 192.168.0.0 netmask 255.255.255.0 dev eth1

regards Henrik
--
The address in the header is only to prevent spam. My real address is:
hc7(at)uthyres.com Examples of addresses which go to spammers:
root@variousus.net root@localhost
| |||
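Added example, not part of the thread: the reply above turns on which route the kernel selects for the reply packet, so this sketch does the longest-netmask lookup over a constructed routing table before and after the suggested route add line. The eth0 network (10.0.0.0/24, gateway 10.0.0.1) and the LAN client 192.168.0.50 are assumptions made up for the illustration; only the 192.168.0.0/24 route on eth1 comes from the thread.

```shell
#!/bin/sh
# Constructed routing tables: destination gateway genmask iface, in the
# column order of `route -n`. The eth0 entries are assumed sample values.
ROUTES_BEFORE='10.0.0.0 0.0.0.0 255.255.255.0 eth0
0.0.0.0 10.0.0.1 0.0.0.0 eth0'

# Same table after: route add -net 192.168.0.0 netmask 255.255.255.0 dev eth1
ROUTES_AFTER="192.168.0.0 0.0.0.0 255.255.255.0 eth1
$ROUTES_BEFORE"

# ip_to_int A.B.C.D -> prints the address as a 32-bit integer
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# egress_iface TABLE DEST -> prints the interface chosen for DEST.
# Every route whose network matches DEST under its netmask is a candidate;
# the one with the longest (numerically largest) netmask wins, so the
# default route 0.0.0.0/0 is used only when nothing more specific matches.
egress_iface() {
    dest=$(ip_to_int "$2")
    best_mask=-1
    best_if=unreachable
    while read -r net gw mask ifc; do
        [ -n "$ifc" ] || continue          # skip blank or short lines
        n=$(ip_to_int "$net")
        m=$(ip_to_int "$mask")
        if [ $(( dest & m )) -eq $(( n & m )) ] && [ "$m" -gt "$best_mask" ]; then
            best_mask=$m
            best_if=$ifc
        fi
    done <<EOF
$1
EOF
    echo "$best_if"
}

echo "before: reply to 192.168.0.50 leaves via $(egress_iface "$ROUTES_BEFORE" 192.168.0.50)"
echo "after:  reply to 192.168.0.50 leaves via $(egress_iface "$ROUTES_AFTER" 192.168.0.50)"
```

On a live system, compare the real table from route -n against the addresses configured with ifconfig: every local subnet should have its own entry on the interface that faces it.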
Awesome, it works! Thanks for the advice.

Just out of curiosity, can I accomplish the same result configuring iptables correctly? I've never seen this command before and am trying to get an idea what it does.

thanks again!
...aaron
| |||
"armantic" <armantic101@gmail.com> wrote:
> can I accomplish the same result configuring iptables
> correctly?

I don't think that iptables is able to replace the functionality of the route command. However, I am not an expert in firewalls or iptables. Instead of configuring my own firewall from scratch I therefore prefer to use a special firewall distribution like floppyfw for this purpose. I wouldn't want to have the firewall functionality on a server that is supposed to be protected by the firewall. Mostly, because I wouldn't want any server functionality on the firewall.

regards Henrik
| |||
Henrik Carlqvist wrote:
> "armantic" <armantic101@gmail.com> wrote:
>> can I accomplish the same result configuring iptables
>> correctly?
>
> I don't think that iptables is able to replace the functionality of the
> route command. However, I am not an expert in firewalls or iptables.
> Instead of configuring my own firewall from scratch I therefore prefer to
> use a special firewall distribution like floppyfw for this purpose. I
> wouldn't want to have the firewall functionality on a server that is
> supposed to be protected by the firewall. Mostly, because I wouldn't want
> any server functionality on the firewall.
>
> regards Henrik

I would have to disagree with you there Henrik. The reason being is that if you subscribe to the 1 firewall protecting the network scheme, then if someone gets past your firewall, you potentially have a lot of "unprotected" systems. It is not a bad idea to have a firewall up on a system even though it is not on the "edge".

As far as iptables goes, it is a bit "squirrel"ly to set up but there are GUI front ends that you can use to help you learn how to use it.

Gecko
| |||
Jason Hoss <jehoss@nospam.msn.com> wrote:
> Henrik Carlqvist wrote:
>> I wouldn't want to have the firewall functionality on a server that is
>> supposed to be protected by the firewall. Mostly, because I wouldn't want
>> any server functionality on the firewall.

> I would have to disagree with you there Henrik. The reason being is that if
> you subscribe to the 1 firewall protecting the network scheme, then if
> someone gets past your firewall, you potentially have a lot of
> "unprotected" systems. It is not a bad idea to have a firewall up on a
> system even though it is not on the "edge".

Ok, it won't harm to have firewalls also on internal machines. I agree with this as my single firewall will only stop attacks from the outside. My single firewall will not be able to stop something like a trojan or spyware from "phoning home".

However, to protect from attacks from the outside, I still prefer a simple firewall with no services like http, telnet or even ssh. As long as the firewall hasn't any services there is no way to break into it.

regards Henrik
| ||||
Henrik Carlqvist wrote:
> Jason Hoss <jehoss@nospam.msn.com> wrote:
>> Henrik Carlqvist wrote:
>>> I wouldn't want to have the firewall functionality on a server that is
>>> supposed to be protected by the firewall. Mostly, because I wouldn't
>>> want any server functionality on the firewall.
>
>> I would have to disagree with you there Henrik. The reason being is that
>> if you subscribe to the 1 firewall protecting the network scheme, then if
>> someone gets past your firewall, you potentially have a lot of
>> "unprotected" systems. It is not a bad idea to have a firewall up on a
>> system even though it is not on the "edge".
>
> Ok, It won't harm to have firewalls also on internal machines. I agree
> with this as my single firewall will only stop attacks from the outside.
> My single firewall will not be able to stop something like a trojan or
> spyware from "phoning home".
>
> However, to protect from attacks from the outside, I still prefer a simple
> firewall with no services like http, telnet or even ssh. As long as the
> firewall hasn't any services there is no way to break into it.
>
> regards Henrik

True, but for the paranoid among us it might not be good enough. Agree with your angle, however.
|
|