TCLUG Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [TCLUG:8792] Multiple Ethernet Woes
hosts.allow and hosts.deny are both empty....
The firewall machine(which is not currently setup in the 'bridge' position...as
I can't install the firewall machine and interrupt service to our network...I've
got to get things working first...)
The way things are (until I can make this box the bridge/firewall..) right now,
both cards plug into the network with both subnets on it....the 'boomerang' card
correctly pings and can be pinged, but not the 3c509, no incoming, no
outgoing...
I want to believe that the problem is the routing tables and my inability to
configure it, and not the card itself....I'll post the current route table
here...
Script started on Thu Sep 30 07:53:00 1999
[root@firewall /root]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
205.218.57.25 * 255.255.255.255 UH 0 0 0 eth0
192.168.6.48 * 255.255.255.255 UH 0 0 0 eth1
192.168.6.0 * 255.255.255.0 U 0 0 0 eth1
205.218.57.0 * 255.255.255.0 U 0 0 0 eth0
127.0.0.0 * 255.0.0.0 U 0 0 0 lo
default gw.bbros.com 0.0.0.0 UG 0 0 0 eth0
[root@firewall /root]# exit
exit
Script done on Thu Sep 30 07:53:08 1999
Thanks guys...I appreciate all this....
----------
>From: Mark Dalton <mwd@sgi.com>
>To: tclug-list@mn-linux.org
>Subject: Re: [TCLUG:8792] Multiple Ethernet Woes
>Date: Thu, Sep 30, 1999, 11:47 AM
>
>
> I will take a look.. Rather than just using /etc/hosts.deny /etc/hosts.allow,
> I should have suggested to the others to use 'ipchains', so you can determine
> which side of the firewall the person/IP address is comming from.
>
> I will see if I can go and find your message and take a look.
>
> That said:
> 1. Can you firewall machine see/connect to the other machines?
> - Does it know the IP address from the firewall and try to
> connect but fails?
> - Does it connect then fail.
> - What is the netstat -rn and netstat -output?
> 2. What happens when your other machines try to connect to/through
> the firewall machine.
> 3. What security do you have on for the various machines?
> /etc/hosts.deny ALL:ALL and /etc/hosts.allow
> IPChains? filtering
>
> Mark
>
>>
>> And, on the other front, I'm still not getting my firewall working.
>>
>> I've got a 3c509, and a 3c590(Vortex Card). The machine boots, and the
kernel
>> recognizes the cards and sets them up as eth0 and eth1. Then it assigns IP
>> addys to them.
>>
>> Well, the long and short is that eth1 does not see machines on the subnet its
>> assigned to, let alone any others...
>>
>> Its been suggested that my route tables were setup incorrectly, but I posted
>> them a while back and nobody seemed to think they were the problem....
>>
>> So, we have a firewall machine with only one working
card....appearantly...and I
>> have to get this firewall installed by friday...
>>
>> Somebody please help me *begging*
>>
>> Thanks in advance...
>>
>> Brian
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: tclug-list-unsubscribe@mn-linux.org
>> For additional commands, e-mail: tclug-list-help@mn-linux.org
>>
>
>
> --
> Mark Dalton CH3-S-CH2 H H O H
> Silicon Graphics, Inc. | | | \ |
> Eagan, MN 55121 CH2-C-COO //\ ---C--CH2-C-COO C-CH2-C-COO
> mwd@sgi.com | | || || | // |
> NH3 \\/ \ / CH NH3 O NH3
> NH
> My home page: http://www.cbc.umn.edu/~mwd/mwd.html
> Cell Biology: http://www.cbc.umn.edu/~mwd/cell.html
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tclug-list-unsubscribe@mn-linux.org
> For additional commands, e-mail: tclug-list-help@mn-linux.org
>
>