Hmmm... has anybody contacted Kiggs on this matter? Bwana Kiggs, where art thou? If I do remember correctly, he does market SuSE in East and central Africa now doesn't he?
As for Lule George William (Mr) I think your linux/cisco skills need honing. A bad workman always blames his tools! Choose an OS and stick to it. This world has too many double agents already! Simon says Slackware! You simply can't go wrong... http://www.slackware.com/ http://www.slackware.com/announce/10.0.php Sekidde "Lule George William" <[EMAIL PROTECTED]> wrote: > >Hello guys, >I didn't just let this thread die off. Just been doing alot of work on � >this machine and currently here is the update since my last posting. >1) Knocked off SuSE 9.1 and installed 8.0, just to C how it will � >behave. There was no change with 9.0. >2) Knocked off 8.0 and placed on Windoze 2K Server. Windoze behaved � >well!!! Could ping both the router and my internal network, � >perfectly!!! This practically ruled out hardware malfunction. >3) Knocked off Windoze and placed back 9.1. No firewall configured, no � >named, no nothing, the weird behaviour returned, can ping the internal � >network, returns network unreachable when pinging the router. >4) Since the router is a 2611 with a 10Mbps connection Simon advised >me � >not to allow the card facing the router to autonegotiate but fix it at � >10Mbs Half Duplex. I did that but there was no change. >5) Went to the stores and picked another new 2611, gave it a � >configuration just enough for us to get onto the Internet, plugged it � >in in place of the old one. Still no change. � >So at this point I start to answer your questions: > > >> Hi, >> � >> Could you drop us the following configs (you can censor your IPs ) >> � >> Router >> - sh run, > > >UMU#sh running-config >Building configuration... > >Current configuration : 790 bytes >! >version 12.2 >service timestamps debug uptime >service timestamps log uptime >no service password-encryption >! >hostname UMU >! >enable secret 5 $1$MHGk$wXIwNX2OPyqpApF3xAyGm1 >enable password ************ >! >ip subnet-zero >! >! >ip name-server 212.88.97.** >ip name-server 212.88.97.** >! >! >! >! >interface Ethernet0/0 > ip address 212.88.97.** 255.255.255.** > no ip mroute-cache > half-duplex >! >interface Serial0/0 > ip address 212.88.96.** 255.255.255.** > no ip mroute-cache >! >interface Ethernet0/1 > no ip address > no ip mroute-cache > shutdown > half-duplex >! >ip default-gateway 212.88.96.** >ip classless >ip route 0.0.0.0 0.0.0.0 212.88.96.** >ip route 0.0.0.0 0.0.0.0 212.88.96.** >ip http server >ip pim bidir-enable >! >! >line con 0 >line aux 0 >line vty 0 4 > exec-timeout 30 0 > password ******** > login >! >end > >UMU# > >> - sh int e0 (or sh int fa0) > >UMU#sh interfaces ethernet 0/0 >Ethernet0/0 is up, line protocol is up > �Hardware is AmdP2, address is 0009.b7fe.6620 (bia 0009.b7fe.6620) > �Internet address is 212.88.97.**/** > �MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec, > � � reliability 255/255, txload 1/255, rxload 1/255 > �Encapsulation ARPA, loopback not set > �Keepalive set (10 sec) > �ARP type: ARPA, ARP Timeout 04:00:00 > �Last input 00:00:23, output 00:00:00, output hang never > �Last clearing of "show interface" counters never > �Queueing strategy: fifo > �Output queue 0/40, 0 drops; input queue 0/75, 0 drops > �5 minute input rate 3000 bits/sec, 2 packets/sec > �5 minute output rate 8000 bits/sec, 3 packets/sec > � � 11235 packets input, 1445083 bytes, 0 no buffer > � � Received 6 broadcasts, 0 runts, 0 giants, 0 throttles > � � 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored > � � 0 input packets with dribble condition detected > � � 10791 packets output, 7595172 bytes, 0 underruns > � � 11 output errors, 0 collisions, 1 interface resets > � � 0 babbles, 0 late collision, 2 deferred > � � 11 lost carrier, 0 no carrier > � � 0 output buffer failures, 0 output buffers swapped out > > >> - debug interface e0 (or debug int fa0) > >UMU#debug interface ethernet 0/0 >Condition 1 set >UMU#debug interface ethernet 0/0 >% Condition already set > > >> � >> Firewall >> - ifconfig > >eth0 � � �Link encap:Ethernet �HWaddr 00:0B:CD:D0:C2:48 > � � � � �inet addr:192.168.22.5 �Bcast:192.168.255.255 � >Mask:255.255.0.0 > � � � � �inet6 addr: fe80::20b:cdff:fed0:c248/64 Scope:Link > � � � � �UP BROADCAST NOTRAILERS RUNNING MULTICAST �MTU:1500 � >Metric:1 > � � � � �RX packets:1306 errors:0 dropped:0 overruns:0 frame:0 > � � � � �TX packets:204 errors:0 dropped:0 overruns:0 carrier:0 > � � � � �collisions:0 txqueuelen:1000 > � � � � �RX bytes:415917 (406.1 Kb) �TX bytes:32097 (31.3 Kb) > � � � � �Interrupt:19 > >eth1 � � �Link encap:Ethernet �HWaddr 00:04:79:67:E5:4B > � � � � �inet addr:212.88.97.222 �Bcast:212.88.97.223 � >Mask:255.255.255.240 > � � � � �inet6 addr: fe80::204:79ff:fe67:e54b/64 Scope:Link > � � � � �UP BROADCAST RUNNING MULTICAST �MTU:1500 �Metric:1 > � � � � �RX packets:556 errors:0 dropped:0 overruns:0 frame:0 > � � � � �TX packets:1077 errors:0 dropped:0 overruns:0 carrier:0 > � � � � �collisions:0 txqueuelen:1000 > � � � � �RX bytes:46195 (45.1 Kb) �TX bytes:81764 (79.8 Kb) > � � � � �Interrupt:27 Base address:0x3000 > >lo � � � �Link encap:Local Loopback > � � � � �inet addr:127.0.0.1 �Mask:255.0.0.0 > � � � � �inet6 addr: ::1/128 Scope:Host > � � � � �UP LOOPBACK RUNNING �MTU:16436 �Metric:1 > � � � � �RX packets:132 errors:0 dropped:0 overruns:0 frame:0 > � � � � �TX packets:132 errors:0 dropped:0 overruns:0 carrier:0 > � � � � �collisions:0 txqueuelen:0 > � � � � �RX bytes:12332 (12.0 Kb) �TX bytes:12332 (12.0 Kb) > > >> - iptables -nv --list > >umupo:~ # iptables -nv --list >Chain INPUT (policy DROP 0 packets, 0 bytes) > pkts bytes target � � prot opt in � � out � � source � � � � � � � >destination > � 10 � 652 ACCEPT � � all �-- �lo � � * � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 > � �0 � � 0 DROP � � � all �-- �eth1 � * � � � 0.0.0.0/0 � � � � � � >255.255.255.255 > � �0 � � 0 DROP � � � all �-- �eth1 � * � � � 0.0.0.0/0 � � � � � � >212.88.97.223 > � �0 � � 0 input_ext �all �-- �eth1 � * � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 > �499 �292K input_int �all �-- �eth0 � * � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 > � �0 � � 0 LOG � � � �all �-- �eth0 � * � � � 0.0.0.0/0 � � � � � � >212.88.97.222 � � � LOG flags 6 level 4 prefix `SFW2-IN-ACC_DENIED_INT >' > � �0 � � 0 DROP � � � all �-- �eth0 � * � � � 0.0.0.0/0 � � � � � � >212.88.97.222 > � �0 � � 0 LOG � � � �all �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � LOG flags 6 level 4 prefix `SFW2-IN-ILL-TARGET ' > � �0 � � 0 DROP � � � all �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 > >Chain FORWARD (policy DROP 0 packets, 0 bytes) > pkts bytes target � � prot opt in � � out � � source � � � � � � � >destination > � �0 � � 0 TCPMSS � � tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � tcp flags:0x06/0x02 TCPMSS clamp to PMTU > >Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) > pkts bytes target � � prot opt in � � out � � source � � � � � � � >destination > � 10 � 652 ACCEPT � � all �-- �* � � �lo � � �0.0.0.0/0 � � � � � � >0.0.0.0/0 > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 11 LOG flags 6 level 4 prefix >`SFW2-OUT-TRACERT-ATTEMPT ' > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 11 > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 3 code 3 > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 3 code 4 > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 3 code 9 > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 3 code 10 > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 3 code 13 > � �0 � � 0 DROP � � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 3 > �224 30943 ACCEPT � � all �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state NEW,RELATED,ESTABLISHED > � �0 � � 0 LOG � � � �all �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � LOG flags 6 level 4 prefix `SFW2-OUTPUT-ERROR ' > >Chain forward_dmz (0 references) > pkts bytes target � � prot opt in � � out � � source � � � � � � � >destination > >Chain forward_ext (0 references) > pkts bytes target � � prot opt in � � out � � source � � � � � � � >destination > >Chain forward_int (0 references) > pkts bytes target � � prot opt in � � out � � source � � � � � � � >destination > >Chain input_dmz (0 references) > pkts bytes target � � prot opt in � � out � � source � � � � � � � >destination > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 8 > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED icmp type 0 > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED icmp type 3 > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED icmp type 11 > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED icmp type 12 > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED icmp type 14 > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED icmp type 18 > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 5 LOG flags 6 level 4 prefix >`SFW2-INdmz-DROP-ICMP-CRIT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 4 LOG flags 6 level 4 prefix >`SFW2-INdmz-DROP-ICMP-CRIT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 13 LOG flags 6 level 4 prefix >`SFW2-INdmz-DROP-ICMP-CRIT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 17 LOG flags 6 level 4 prefix >`SFW2-INdmz-DROP-ICMP-CRIT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 2 LOG flags 6 level 4 prefix >`SFW2-INdmz-DROP-ICMP-CRIT ' > � �0 � � 0 DROP � � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 > � �0 � � 0 reject_func �tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � tcp dpt:113 flags:0x16/0x02 > � �0 � � 0 LOG � � � �tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � tcp dpt:22 flags:0x16/0x02 LOG flags 6 level 4 >prefix `SFW2-INdmz-DROP ' > � �0 � � 0 DROP � � � tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � tcp dpt:22 flags:0x16/0x02 > � �0 � � 0 LOG � � � �tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � tcp dpt:111 flags:0x16/0x02 LOG flags 6 level 4 >prefix `SFW2-INdmz-DROP ' > � �0 � � 0 DROP � � � tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � tcp dpt:111 flags:0x16/0x02 > � �0 � � 0 LOG � � � �tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � tcp dpt:631 flags:0x16/0x02 LOG flags 6 level 4 >prefix `SFW2-INdmz-DROP ' > � �0 � � 0 DROP � � � tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � tcp dpt:631 flags:0x16/0x02 > � �0 � � 0 LOG � � � �tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED tcp flags:0x16/0x02 LOG >flags 6 level 4 prefix `SFW2-INdmz-ACC-HiTCP ' > � �0 � � 0 ACCEPT � � tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED > � �0 � � 0 ACCEPT � � udp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED > � �0 � � 0 DROP � � � udp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � udp dpt:22 state NEW > � �0 � � 0 DROP � � � udp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � udp dpt:111 state NEW > � �0 � � 0 DROP � � � udp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � udp dpt:111 state NEW > � �0 � � 0 DROP � � � udp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � udp dpt:631 state NEW > � �0 � � 0 DROP � � � udp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � udp dpt:631 state NEW > � �0 � � 0 LOG � � � �tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � tcp flags:0x16/0x02 LOG flags 6 level 4 prefix >`SFW2-INdmz-DROP-DEFLT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 4 LOG flags 6 level 4 prefix >`SFW2-INdmz-DROP-DEFLT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 5 LOG flags 6 level 4 prefix >`SFW2-INdmz-DROP-DEFLT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 8 LOG flags 6 level 4 prefix >`SFW2-INdmz-DROP-DEFLT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 13 LOG flags 6 level 4 prefix >`SFW2-INdmz-DROP-DEFLT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 17 LOG flags 6 level 4 prefix >`SFW2-INdmz-DROP-DEFLT ' > � �0 � � 0 LOG � � � �udp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-DEFLT >' > � �0 � � 0 LOG � � � �all �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state INVALID LOG flags 6 level 4 prefix >`SFW2-INdmz-DROP-DEFLT-INV ' > � �0 � � 0 DROP � � � all �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 > >Chain input_ext (1 references) > pkts bytes target � � prot opt in � � out � � source � � � � � � � >destination > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 4 LOG flags 6 level 4 prefix >`SFW2-INext-ACC-SOURCEQUENCH ' > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 4 > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 8 > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED icmp type 0 > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED icmp type 3 > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED icmp type 11 > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED icmp type 12 > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED icmp type 14 > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED icmp type 18 > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 5 LOG flags 6 level 4 prefix >`SFW2-INext-DROP-ICMP-CRIT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 4 LOG flags 6 level 4 prefix >`SFW2-INext-DROP-ICMP-CRIT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 13 LOG flags 6 level 4 prefix >`SFW2-INext-DROP-ICMP-CRIT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 17 LOG flags 6 level 4 prefix >`SFW2-INext-DROP-ICMP-CRIT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 2 LOG flags 6 level 4 prefix >`SFW2-INext-DROP-ICMP-CRIT ' > � �0 � � 0 DROP � � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 > � �0 � � 0 reject_func �tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � tcp dpt:113 flags:0x16/0x02 > � �0 � � 0 LOG � � � �tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � tcp dpt:22 flags:0x16/0x02 LOG flags 6 level 4 >prefix `SFW2-INext-DROP ' > � �0 � � 0 DROP � � � tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � tcp dpt:22 flags:0x16/0x02 > � �0 � � 0 LOG � � � �tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � tcp dpt:111 flags:0x16/0x02 LOG flags 6 level 4 >prefix `SFW2-INext-DROP ' > � �0 � � 0 DROP � � � tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � tcp dpt:111 flags:0x16/0x02 > � �0 � � 0 LOG � � � �tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � tcp dpt:631 flags:0x16/0x02 LOG flags 6 level 4 >prefix `SFW2-INext-DROP ' > � �0 � � 0 DROP � � � tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � tcp dpt:631 flags:0x16/0x02 > � �0 � � 0 LOG � � � �tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED tcp flags:0x16/0x02 LOG >flags 6 level 4 prefix `SFW2-INext-ACC-HiTCP ' > � �0 � � 0 ACCEPT � � tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED > � �0 � � 0 ACCEPT � � udp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED > � �0 � � 0 DROP � � � udp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � udp dpt:22 state NEW > � �0 � � 0 DROP � � � udp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � udp dpt:111 state NEW > � �0 � � 0 DROP � � � udp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � udp dpt:111 state NEW > � �0 � � 0 DROP � � � udp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � udp dpt:631 state NEW > � �0 � � 0 DROP � � � udp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � udp dpt:631 state NEW > � �0 � � 0 LOG � � � �tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � tcp flags:0x16/0x02 LOG flags 6 level 4 prefix >`SFW2-INext-DROP-DEFLT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 4 LOG flags 6 level 4 prefix >`SFW2-INext-DROP-DEFLT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 5 LOG flags 6 level 4 prefix >`SFW2-INext-DROP-DEFLT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 8 LOG flags 6 level 4 prefix >`SFW2-INext-DROP-DEFLT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 13 LOG flags 6 level 4 prefix >`SFW2-INext-DROP-DEFLT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 17 LOG flags 6 level 4 prefix >`SFW2-INext-DROP-DEFLT ' > � �0 � � 0 LOG � � � �udp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT >' > � �0 � � 0 LOG � � � �all �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state INVALID LOG flags 6 level 4 prefix >`SFW2-INext-DROP-DEFLT-INV ' > � �0 � � 0 DROP � � � all �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 > >Chain input_int (1 references) > pkts bytes target � � prot opt in � � out � � source � � � � � � � >destination > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 8 > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED icmp type 0 > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED icmp type 3 > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED icmp type 11 > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED icmp type 12 > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED icmp type 14 > � �0 � � 0 ACCEPT � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED icmp type 18 > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 5 LOG flags 6 level 4 prefix >`SFW2-INint-DROP-ICMP-CRIT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 4 LOG flags 6 level 4 prefix >`SFW2-INint-DROP-ICMP-CRIT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 13 LOG flags 6 level 4 prefix >`SFW2-INint-DROP-ICMP-CRIT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 17 LOG flags 6 level 4 prefix >`SFW2-INint-DROP-ICMP-CRIT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 2 LOG flags 6 level 4 prefix >`SFW2-INint-DROP-ICMP-CRIT ' > � �0 � � 0 DROP � � � icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 > � �3 � 144 LOG � � � �tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � tcp dpt:23 flags:0x16/0x02 LOG flags 6 level 4 >prefix `SFW2-INint-ACC-TCP ' > � �3 � 144 ACCEPT � � tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state NEW,RELATED,ESTABLISHED tcp dpt:23 > � �0 � � 0 reject_func �tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � tcp dpt:113 flags:0x16/0x02 > � �5 � 240 LOG � � � �tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � tcp dpt:22 flags:0x16/0x02 LOG flags 6 level 4 >prefix `SFW2-INint-DROP ' > � �5 � 240 DROP � � � tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � tcp dpt:22 flags:0x16/0x02 > � �0 � � 0 LOG � � � �tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � tcp dpt:111 flags:0x16/0x02 LOG flags 6 level 4 >prefix `SFW2-INint-DROP ' > � �0 � � 0 DROP � � � tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � tcp dpt:111 flags:0x16/0x02 > � �0 � � 0 LOG � � � �tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � tcp dpt:631 flags:0x16/0x02 LOG flags 6 level 4 >prefix `SFW2-INint-DROP ' > � �0 � � 0 DROP � � � tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � tcp dpt:631 flags:0x16/0x02 > � �0 � � 0 LOG � � � �tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED tcp flags:0x16/0x02 LOG >flags 6 level 4 prefix `SFW2-INint-ACC-HiTCP ' > �197 �184K ACCEPT � � tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED > � 12 �1268 ACCEPT � � udp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state RELATED,ESTABLISHED > � �0 � � 0 DROP � � � udp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � udp dpt:22 state NEW > � �0 � � 0 DROP � � � udp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � udp dpt:111 state NEW > � �0 � � 0 DROP � � � udp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � udp dpt:111 state NEW > � �9 �1494 DROP � � � udp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � udp dpt:631 state NEW > � �0 � � 0 DROP � � � udp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � udp dpt:631 state NEW > � �0 � � 0 LOG � � � �tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � tcp flags:0x16/0x02 LOG flags 6 level 4 prefix >`SFW2-INint-DROP-DEFLT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 4 LOG flags 6 level 4 prefix >`SFW2-INint-DROP-DEFLT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 5 LOG flags 6 level 4 prefix >`SFW2-INint-DROP-DEFLT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 8 LOG flags 6 level 4 prefix >`SFW2-INint-DROP-DEFLT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 13 LOG flags 6 level 4 prefix >`SFW2-INint-DROP-DEFLT ' > � �0 � � 0 LOG � � � �icmp -- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � icmp type 17 LOG flags 6 level 4 prefix >`SFW2-INint-DROP-DEFLT ' > �273 �104K LOG � � � �udp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � LOG flags 6 level 4 prefix `SFW2-INint-DROP-DEFLT >' > � �0 � � 0 LOG � � � �all �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � state INVALID LOG flags 6 level 4 prefix >`SFW2-INint-DROP-DEFLT-INV ' > �273 �104K DROP � � � all �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 > >Chain reject_func (3 references) > pkts bytes target � � prot opt in � � out � � source � � � � � � � >destination > � �0 � � 0 REJECT � � tcp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � reject-with tcp-reset > � �0 � � 0 REJECT � � udp �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � reject-with icmp-port-unreachable > � �0 � � 0 REJECT � � all �-- �* � � �* � � � 0.0.0.0/0 � � � � � � >0.0.0.0/0 � � � � � reject-with icmp-proto-unreachable >umupo:~ # > >> � >> This should tell us a better story. > >Hope this story will have a good ending. � > >Someone in another post had requested asked to do something using >mii-tool. Before I could even do it, mii-tool refused to run on the >machine as shown below > >umupo:~ # mii-tool -w eth2 >SIOCGMIIPHY on 'eth2' failed: Invalid argument > >When I insisted: > >umupo:~ # mii-tool -F 10BaseT-HD eth1 >SIOCGMIIPHY on 'eth1' failed: Operation not supported > >ethtool didn't behave any better. Was giving me also errors. > >Someone in another post also mentioned something to do with vlans on >the catalyst 2950. Well I haven't done any configuration on that >switch as yet. Just got it out of its box and plucked it into the >network. And besides, if that were the case, I would have already had >this problem with my current proxy and also the windoze earlier >mentioned wouldn't have behaved at all!! > >I really appreciate all your help, and I have a very strong feeling >that I am not the last one to have this problem with 9.1. We need a >solution early... � > >> � >> Bernard Wanyama >> Support Engineer >> Linux Solutions Uganda >> Cell: +256 71 193 979 >> � >> > Hello Guys, >> > I am dying to say (read type) some very, very, very nasty things � >about >> > SuSE 9.1 but let me hold them back and just put across the source � >of my >> > frustration. >> > Last Friday (I am typing this mail at the end of Wednesday) I made >a >> > clean install of SuSE 9.1 on a new machine with specs: HP Compaq, � >Intel >> > Xeon Processor 2.4 GHZ, 1 GB RAM, 2 x 40GB HDD. Since among its � >other >> > intended functions, it also going to be our proxy, I added a 2nd >n/w >> > card on top of its onboard gigabit ethernet card and then embarked � >on >> > the installation. >> > It detected my network cards O.K and using YAST, I I.P addressed � >them >> > and after which I did the proverbial ping test. I had configured >the >> > onboard to face our internal network and the other card to face >the >> > internet. The onboard returned the ping from all the internal � >machines >> > O.K, but the second card gave me a network unreachable error. Re- >check >> > the values, re-enter them all O.K but still network unreachable � >errors. >> > As a test, at this point, I decided to configure the onboard � >instead to >> > face the internet and the second card to face the internal >network. � >The >> > ping responded form all the machines on the internal network but >got >> > network unreachable errors from the onboard card. That confirmed � >both >> > cards to be O.K. >> > When I switched the onboard to face the internal n/w again, BOTH � >cards >> > returned network unreachable errors!!!!!! I got two other WORKING � >cards >> > placed them into the machine, spent my saturday, my sunday, >monday, >> > tuesday, googled my (oops no nasty words!!) off and the circus >> > continued, ping from inside, network unreachable errors from � >outside. >> > In between, I configured BIND which returns a succesfull dig � >@localhost >> > but no remote servers found error when I try to dig anything else. >I >> > think its because of the other problem. I installed and configured >> > squid which is also dying with a DNS name lookup tests failed � >error. I >> > still think it is the other problem. I have configured and � >reconfigured >> > SuSEfirewall2 a million times but still no luck. I have disabled � >ipv6, >> > set static routes, checked all files in /etc/sysconfig/network � >against >> > recommended ones and so many other things but still no luck. >> > Can someone out there save my sanity?? Honest!! This thing is � >driving >> > me mad!!!! >> > >> > � >************************************************************************ > >> > Lule George William (Mr) >> > Network and Systems Administrator >> > Uganda Martyrs University, Nkozi >> > P.O. Box 5498 Kampala >> > Uganda >> > >> > >> > --------------------------------------------- >> > This service is hosted on the Infocom network >> > http://www.infocom.co.ug >> � >> � >> � >> � >> � >> --------------------------------------------- >> This service is hosted on the Infocom network >> http://www.infocom.co.ug >> � >> � > >************************************************************************ > >Lule George William (Mr) >Network and Systems Administrator >Uganda Martyrs University, Nkozi >P.O. Box 5498 Kampala >Uganda > > >--------------------------------------------- >This service is hosted on the Infocom network >http://www.infocom.co.ug > __________________________________________________________________ Switch to Netscape Internet Service. As low as $9.95 a month -- Sign up today at http://isp.netscape.com/register Netscape. Just the Net You Need. New! Netscape Toolbar for Internet Explorer Search from anywhere on the Web and block those annoying pop-ups. Download now at http://channels.netscape.com/ns/search/install.jsp --------------------------------------------- This service is hosted on the Infocom network http://www.infocom.co.ug
