10-29-2007
Wierd networking issue
I have Debian Etch release as a fresh install on a PIII to be a router/firewall. I've configured networking, and utilized Shorewall to set up iptables scripting. I've installed dhcp3, both client and server, to pull an ip from my broadband cable modem, and dish out ip's to a switch for other systems.
I was having an issue with not having net access beyond the firewall, and was not able to ping back and forth from the firewall to any other system(WinXP SP2 to be particular) on the network. discovered an errant entry in the dhcpd.conf file that listed an incorrect DNS server, and now I have net access on the other systems, however I still cannot ping between the firewall and other systems on the local network.
My questions are why is this working? Without the 2 communicating, seems to me net access is not possible, and anyone have pointers to get things going correctly?
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I am getting this message when I run my script.
$ runscript.sh
Not connected to any service!
Here is the beginning of the script:
# 1 - failure
#
# variable declaration
FILEDATE=`date +"%Y%m%d"`
Not connected to any service!
Right after the FILEDATE gets loaded I get that... (6 Replies)
Discussion started by: lesstjm
6 Replies
2. Solaris
Hi!
I own a sparc 5 and i seem to have a strange problem. When its off, it starts by itself...
Sounds a bit strange? Iknow. Does anyone know whats causing this?? Could it be the network card? or is it someting in ENV or some other configuration??
//dOzY (5 Replies)
Discussion started by: dozy
5 Replies
3. UNIX for Dummies Questions & Answers
So yeah, I have knoppix live and can't seem to set the devices on the network... I configured the IP, and the server sees it, I configured DNS and I can access some websites, and I still can't access the shared folders on the system.
Did I miss something here? (0 Replies)
Discussion started by: Itsaboutme
0 Replies
4. UNIX for Dummies Questions & Answers
Hi,
I have two machines, one is a E3500 and the other one is a V490;
I face a strange issue with both of them. The boot up sequence gives the output of the devalias command. Has anybody faced this?? Please do let me know what needs to be done o resolve this.
Regards,
NP (1 Reply)
Discussion started by: nitinp82
1 Replies
5. Red Hat
Hello all,
Am new to the linux game and have successfully installed FC5 onto an Acer Veriton 5100 series (P3) pc. Am having to install some RedHat servers in a few weeks running SAMBA, so I thought it would be a smart idea to start learning (well a similar OS) of how the package hangs together... (3 Replies)
Discussion started by: Cameron
3 Replies
6. Shell Programming and Scripting
Hey, I'm trying to use awk for some simple file manipulations but i'm getting soem wierd results.
So i want to open up a file which looks like this:
@relation 'autoMpg'
@attribute a numeric
@attribute b numeric
@attribute c numeric
@data
-1.170815,0.257522,0.016416... (2 Replies)
Discussion started by: amatheny
2 Replies
7. IP Networking
Oh people of expert i have proplem related to networking i wanna setup a computer as a web server and giving that server a real ip address
The details here as follows the location of that computer is a lab full of computers attached to local lan each lab is attached to a smart switch ( not... (3 Replies)
Discussion started by: h@foorsa.biz
3 Replies
8. Shell Programming and Scripting
Hi experts,
This is what Im doing...
file_cnt=`cat abc_ | wc -l`
head -$file_cnt abc > abc_2
if ; then
error "failed on rename abc_ > abc_2"
exit 1
fi
try_run "rm -f abc_"
try_run "mv abc_2 abc_"
This is what the output on screen, I get on executing---->
+ + wc -l... (5 Replies)
Discussion started by: nss280
5 Replies
9. AIX
Hello,
I'm trying to set up an internet connection on an IBM RS/6000 7043-140 machine with AIX v 5.1. The problem is that no matter if it is setup to receive an IP address from another DHCP server or has a static IP set, it seems to act as a DHCP server that assigns a random IP address with a... (3 Replies)
Discussion started by: Xsystem
3 Replies
10. AIX
Hi,
I installed AIX 7.1 on a blade though (hmc with vio). I can ping the IP address, but not the gateway. Is there anything that I should configure?
Is there anything that I have to check with vio setting or Am I missing any configuration?
Please let me know further.
Thank you (5 Replies)
Discussion started by: pjeedu2247
5 Replies
LEARN ABOUT DEBIAN
pyroman
PYROMAN(8) System Manager's Manual PYROMAN(8)
NAME
pyroman - a firewall configuration utility
SYNOPSIS
pyroman
[ -hvnspP ] [ -r RULESDIR ] [ -t SECONDS ]
[ --help ] [ --version ] [ --safe ] [ --no-act ]
[ --print ] [ --print-verbose ] [ --rules=RULESDIR ]
[ --timeout=SECONDS ] [ safe ]
DESCRIPTION
pyroman is a firewall configuration utility.
It will compile a set of configuration files to iptables statements to setup IP packet filtering for you.
While it is not necessary for operating and using Pyroman, you should have understood how IP, TCP, UDP, ICMP and the other commonly used
Internet protocols work and interact. You should also have understood the basics of iptables in order to make use of the full
functionality.
pyroman does not try to hide all the iptables complexity from you, but tries to provide you with a convenient way of managing a complex
networks firewall. For this it offers a compact syntax to add new firewall rules, while still exposing access to add arbitrary iptables
rules.
OPTIONS
-r RULESDIR,--rules=RULES
Load the rules from directory RULESDIR instead of the default directory (usually /etc/pyroman )
-t SECONDS,--timeout=SECONDS
Wait SECONDS seconds after applying the changes for the user to type OK to confirm he can still access the firewall. This implies
--safe but allows you to use a different timeout.
-h, --help
Print a summary of the command line options and exit.
-V, --version
Print the version number of pyroman and exit.
-s, --safe, safe
When the firewall was committed, wait 30 seconds for the user to type OK to confirm, that he can still access the firewall (i.e. the
network connection wasn't blocked by the firewall). Otherwise, the firewall changes will be undone, and the firewall will be
restored to the previous state. Use the --timeout=SECONDS option to change the timeout.
-n, --no-act
Don't actually run iptables. This can be used to check if pyroman accepts the configuration files.
-p, --print
Instead of running iptables, output the generated rules.
-P, --print-verbose
Instead of running iptables, output the generated rules. Each statement will have one comment line explaining how this rules was
generated. This will usually include the filename and line number, and is useful for debugging.
CONFIGURATION
Configuration of pyroman consists of a number of files in the directory /etc/pyroman. These files are in python syntax, although you do
not need to be a python programmer to use these rules. There is only a small number of statements you need to know:
add_host
Define a new host or network
add_interface
Define a new interface (group)
add_service
Add a new service alias (note that you can always use e.g. www/tcp to reference the www tcp service as defined in /etc/services)
add_nat
Define a new NAT (Network Address Translation) rule
allow Allow a service, client, server combination
reject Reject access for this service, client, server combination
drop Drop packets for this service, client, server combination
add_rule
Add a rule for this service, client, server and target combination
iptables
Add an arbitrary iptables statement to be executed at beginning
iptables_end
Add an arbitrary iptables statement to be executed at the end
Detailed parameters for these functions can be looked up by caling
cd /usr/share/pyroman
pydoc ./commands.py
BUGS
None known as of pyroman-0.4 release
AUTHOR
pyroman was written by Erich Schubert <erich@debian.org>
SEE ALSO
iptables(8), iptables-restore(8) iptables-load(8)
PYROMAN(8)