[prev in list] [next in list] [prev in thread] [next in thread]
List: suse-linux-e
Subject: Re: [SLE] Re: [oclug] firewall/gateway/router
From: StarTux <matthew () psychohorse ! com>
Date: 2001-07-03 22:55:51
[Download RAW message or body]
For a standard 192.168.x.x address the subnet should be 255.255.255.0.
There is some way to figure this out based on IP, but I cannot remember.
Matt
--
"You know you have a Supernorn when he learns to run as root"
On Tue, 3 Jul 2001, rob wrote:
> > > I dont know where you get the 255.255.254.0
> >
> > this is the number I get when I run winipcfg on my Win Box, on the offical
> > paper work is is 255.255.252.0
> >
>
> Ok lets do one problem at a time... this is a 95/98 machine?
>
> just fro kicks go to yast,network config, net work base, f6
> you see the default netmask is 255.255.255.0
>
> Im not a network engineer but Im pretty sure 254 is not correct
>
> here is output from my w2k eg ipconfig /all
>
> Ethernet adapter Local Area Connection:
>
>
>
> Connection-specific DNS Suffix . :
> Description . . . . . . . . . . . : SMC EZ Card 10/100 (SMC1211TX)
> Physical Address. . . . . . . . . : 00-80-ee-6F-f6-u7
>
> DHCP Enabled. . . . . . . . . . . : Yes
>
> Autoconfiguration Enabled . . . . : Yes
>
> IP Address. . . . . . . . . . . . : 10.54.6.5
>
> Subnet Mask . . . . . . . . . . . : 255.255.255.0
>
> Default Gateway . . . . . . . . . : 10.54.6.1
>
> DHCP Server . . . . . . . . . . . : 10.54.6.1
>
> DNS Servers . . . . . . . . . . . : 198.22.10.2
> 198.22.10.4
> Primary WINS Server . . . . . . . : 10.54.6.2
>
> Lease Obtained. . . . . . . . . . : Monday, July 02, 2001 8:39:41 AM
>
> Lease Expires . . . . . . . . . . : Monday, August 13, 2001 12:39:41 AM
>
> #####################################################################
>
> here is output from the linux server ifconfig
>
> eth0 Link encap:Ethernet HWaddr ss:34:4f:39:f5:EC
> inet addr:10.54.6.2 Bcast:10.54.6.255 Mask:255.255.255.0
> inet6 addr: fe80::60:9739:b9ec/10 Scope:Link
> inet6 addr: fe80::260:97ff:fe39:b9ec/10 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:235383 errors:0 dropped:0 overruns:0 frame:0
> TX packets:214437 errors:0 dropped:0 overruns:0 carrier:0
> collisions:3395 txqueuelen:100
> Interrupt:10 Base address:0x230
>
> lo Link encap:Local Loopback
> inet addr:127.0.0.1 Mask:255.0.0.0
> inet6 addr: ::1/128 Scope:Host
> UP LOOPBACK RUNNING MTU:3792 Metric:1
> RX packets:77480 errors:0 dropped:0 overruns:0 frame:0
> TX packets:77480 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:0
>
>
>
>
>
>
>
>
> > > ^^^^^
> > > 254? that should be 255
> > >
> > > Is your router doing dhcp to the lan? if so, you need to set that up in
> > > yast, network config, auto ip
> > >
> > > Does this router do NAT? if so I really wouldnt bother with SuSe FW as
> > > the router should have the capability of doing all the
> > > firewalling/blocking.
> > >
> > > I came in late on this but what kind of router is this? SMC? Netgear?
> > > does it have a NAT FW built in?
> >
> > Actually I'm don't have a commercial router. I was just trying to discribe
> > what I was doing with this Linux Box I'm trying to set up.
> >
> > >
> > > most new router/hardware has NAT and FW with a web interface. I have a
> > > SMC and its great!!
> > >
> > > rob
> > >
> > > b stephen harding wrote:
> > > > On Monday 02 July 2001 09:36, you wrote:
> > > > > On Mon, Jul 02, 2001 at 12:18:23AM -0400, b stephen harding wrote:
> > > > > > External
> > > > > > eth0 24.x.x.x(IP), 24.x.x.1(gateway),
> > > > > > crxxxx-a.slnt1.on.wave.home.com(Domain)
> > > > > >
> > > > > >
> > > > > > Internal
> > > > > > eth1 192.x.x.1(IP), 192.168.100.7(gateway),
> > > > > > geeko-gate.crxxxx-a.slnt1.on.wave.home.com(Domain)
> > > > >
> > > > > You specified a default gateway for the internal interface? Doesn't
> > > > > that defeat the purpose?
> > > > >
> > > > > You should need only the one gateway (ie. Rogers' gateway). Then as
> > > > > long as you have the ipmasq modules loaded and have forwarding for your
> > > > > internal network enabled with ipchains, you should be good.
> > > > >
> > > > > I'm loading these
> > > > >
> > > > > ip_masq_irc
> > > > > ip_masq_ftp
> > > > > ip_masq_user
> > > > > ip_masq_raudio
> > > > >
> > > > > And then the appropriate rule to forward would be...
> > > > >
> > > > > # IP Masquerade from the internal network.
> > > > > $ipchains -A forward -s $innetwork/24 -j MASQ
> > > > >
> > > > > where in your case (and mine),
> > > > >
> > > > > $innetwork=192.168.0.0
> > > > >
> > > > > Of course, you'll want a lot more in your firewall rules than that.
> > > >
> > > > Well I tried to restart my routing with rcroute restart and it
> > > > produced...
> > > >
> > > > [Error While Excuting:
> > > > /sbin/route del -net 24.112.208.18 netmask 255.255.254.0 gw
> > > > 24.112.208.1 dev eth0
> > > > route: netmask doesn't match route address
> > > >
> > > > shutting down routing
> > > > setting up routing (using /etc/route/.conf)
> > > > Error while excuting:
> > > > /sbin/route add -net 24.112.208.18 netmask 255.255.254.0 gw
> > > > 24.112.208.1 dev eth0 # external "geeko-wall"]
> > > >
> > > > So the list between the square bracket is the error message. God I feel
> > > > like I'm crawling though the dark! I'm sure once this is done I'll think
> > > > it was just a bunch of fun (or not).
> >
> > I also get this message for FAILED services when I boot up this firewall
> > box.... "SuSEfirewall_init SuSEfirewall_setup SuSEfirewall_final". I'm not
> > sure if that is related to the fact that the routing is not working?
> >
> > --
> > To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com
> > For additional commands send e-mail to suse-linux-e-help@suse.com
> > Also check the FAQ at http://www.suse.com/support/faq and the
> > archives at http://lists.suse.com
>
> --
> To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com
> For additional commands send e-mail to suse-linux-e-help@suse.com
> Also check the FAQ at http://www.suse.com/support/faq and the
> archives at http://lists.suse.com
>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic