Re: [Cooker] drakgw, shorewall and the latest kernel

Adam Williamson Wed, 26 Feb 2003 11:46:30 -0800

On Wed, 2003-02-26 at 19:13, Florin wrote:
> 1. what about /etc/sysconfig/network ?
> 2. what about /etc/sysconfig/network-scripts/net_cnx_up ?
> 3. ifconfig ?
> 4. route -n ?
> 5. grep -v ^# /etc/shorewall/{zones,interfaces,masq,policy,rules} |grep -v $^


1:

HOSTNAME=aw280.pem.cam.ac.uk
NETWORKING=yes
DOMAINNAME=pem.cam.ac.uk
GATEWAY=131.111.201.62
GATEWAYDEV=eth0
FORWARD_IPV4=true

2:

#!/bin/bash
if [ "x$1" == "x--boot_time" ]; then exit; fi
 
/etc/rc.d/init.d/network restart

3:

eth0      Link encap:Ethernet  HWaddr 00:04:5A:5C:72:9D
          inet addr:131.111.201.49  Bcast:131.111.255.255 
Mask:255.255.0.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:400167 errors:0 dropped:0 overruns:0 frame:0
          TX packets:79020 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:237563999 (226.5 Mb)  TX bytes:7361449 (7.0 Mb)
          Interrupt:10 Base address:0xcc00
 
eth1      Link encap:Ethernet  HWaddr 00:05:1C:09:44:E9
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:9303 errors:0 dropped:0 overruns:0 frame:0
          TX packets:39202 errors:0 dropped:0 overruns:0 carrier:0
          collisions:66 txqueuelen:100
          RX bytes:866614 (846.3 Kb)  TX bytes:56923030 (54.2 Mb)
          Interrupt:12 Base address:0xd400
 
lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1355 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1355 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:167924 (163.9 Kb)  TX bytes:167924 (163.9 Kb)

4:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use
Iface
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0
eth1
131.111.0.0     0.0.0.0         255.255.0.0     U     0      0        0
eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0
eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0
lo
0.0.0.0         131.111.201.62  0.0.0.0         UG    0      0        0
eth0

(I don't know what the 169.254.0.0 stuff is doing there...)

5:

/etc/shorewall/zones:net        Net     Internet zone
/etc/shorewall/zones:loc        Local   Local
/etc/shorewall/interfaces:net   eth0    detect
/etc/shorewall/interfaces:loc   eth1    detect
/etc/shorewall/policy:loc       net     ACCEPT
/etc/shorewall/policy:fw        net     ACCEPT
/etc/shorewall/policy:net       all     DROP    info
/etc/shorewall/policy:all       all     REJECT  info
/etc/shorewall/rules:ACCEPT     net     fw      tcp     22      -
/etc/shorewall/rules:ACCEPT     loc     fw      tcp     22      -

(that's before I attempt to setup internet connection sharing, let me
know if you want the output after I attempt to set it up).

As noted in private emails, if I remove one of the duplicate lines in
/etc/shorewall/interfaces - the one which makes eth1 a member of loc,
just leaving the one which makes it a member of masq - shorewall startup
proceeds to a much later point then dies because an iptables command
isn't correctly completed, which seems to be the bug you mentioned
getting.
-- 
adamw

Re: [Cooker] drakgw, shorewall and the latest kernel

Reply via email to