Dan,

I used to have this problem with setting up Pmfirewall when I first
started using it. You don't have it configured correctly and that's why it
seems as though you're being blocked. Because in fact you are. Try
reconfiguring it again.

-- 
Mark
------------------------------------------------------------------------
**  =/\=  No Penguins were harmed       | ICQ#27816299
** <_||_> in the making of this         |
**  =\/=  message...                    | Registered Linux user #182496
------------------------------------------------------------------------

On Wed, 13 Sep 2000, Dan wrote:

> Not a stupid question as I generally bumble thru
> Linux. PM firewall wrote the rules.  I answered all
> the questions as the default except for the one about
> getting IP from DHCP.  It is set up to run on eth0. I
> did have my host.deny set to All:  All.  I deleted
> this and still no response.  I set the security
> setting in 7.1 as medium.  There was no security
> setting for 6.1.
> Ironically I can ping the machine with internet over
> the internet from my office.
> 
> I've included an edited selection of rules.  I can't
> see where it should block the internal network.
> 
> #!/bin/sh
> # pmfirewall.rules.local
> # ver.PM1 (do not remove this line)
> 
>                    ### BEGIN SYSTEM DEFAULTS ###
> 
> # Block Nonroutable IP's from entering on the External Interface
> $IPCHAINS -A input -j DENY -s 10.0.0.0/8 -d $OUTERNET -i $OUTERIF
> $IPCHAINS -A input -j DENY -s 127.0.0.0/8 -d $OUTERNET -i $OUTERIF
> $IPCHAINS -A input -j DENY -s 172.16.0.0/12 -d $OUTERNET -i $OUTERIF
> $IPCHAINS -A input -j DENY -s 192.168.0.0/16 -d $OUTERNET -i $OUTERIF
> 
> #!/bin/sh
> # pmfirewall.conf - used by pmfirewall package
> IPCHAINS=/sbin/ipchains
> ATBOOT=1
> CONFIG_DIR=/usr/local/pmfirewall
> OUTERIF=eth0
> REMOTENET=0/0
> OUTERIP=`ifconfig $OUTERIF | grep inet | cut -d : -f 2 | cut -d \  -f 1`
> OUTERMASK=`ifconfig $OUTERIF | grep Mas | cut -d : -f 4`
> OUTERNET=$OUTERIP/$OUTERMASK
> 
>                            #### EXAMPLES ###
> 
> 
> ### ALLOWED NETWORKS
> # Add in any rules to specifically allow connections from hosts/nets that
> # would otherwise be blocked.
> #$IPCHAINS -A input -s [trusted host/net] -d $OUTERNET <ports> -j ACCEPT
> 
> ### BLOCKED NETWORKS 
> # Add in any rules to specifically block connections from hosts/nets that
> # have been known to cause problems. These packets are logged.
> #$IPCHAINS -A input -s [banned host/net] -d $OUTERNET <ports> -j DENY -l
> 
> ### BLOCK ICMP ATTACKS
> # 
> #$IPCHAINS -A input -b -i $OUTERIF -p icmp -s [host/net] -d $OUTERNET -j DENY -l
> 
> 
> --- Greg Stewart <[EMAIL PROTECTED]> wrote:
> > Um, have you set these ipchains rules yourself? Or, is some script setting
> > them for you? Did you know that you have ipchains rules set in the first
> > place? (Stupid question, I know, but it doesn't hurt to ask).
> > 
> > You may want to check to make sure your internal IPs do not exist in
> > hosts.deny.
> > 
> > Let me know what security level you installed MDK with.
> > 
> > Check to make sure that your ipchains rules do not DENY the 192.168.0.0
> > subnet for the internal network.
> > 
> > For some reason your machine is set to drop packets on port 8, or it may be
> > set to drop everything from non-routable subnets (10.0.0.0, 176, 127.0.0.0,
> > 172.16.0.0, 192.168.0.0) on all interfaces--I don't know, and can't tell
> > from here without more info.
> > 
> > I'll have to think on this one for now...it's late
> > and I have to wake up in
> > four hours for work...
> > 
> > --Greg
> > 
> > ----- Original Message -----
> > From: "Dan" <[EMAIL PROTECTED]>
> > 
> > 
> > > I forgot to include that.  I think I did that already:
> > >
> > > This is for the host.allow file for 196.168.0.2:
> > >
> > > #
> > > # hosts.allow   This file describes the names of the hosts which are
> > > #               allowed to use the local INET services, as decided
> > > #               by the '/usr/sbin/tcpd' server.
> > > #
> > > ALL:  127.
> > > All:  192.168.0.1
> > >
> > > This is the host.allow for 196.168.0.1:
> > >
> > > #
> > > # hosts.allow   This file describes the names of the hosts which are
> > > #               allowed to use the local INET services, as decided
> > > #               by the '/usr/sbin/tcpd' server.
> > > #
> > > #
> > > All: 127
> > > All: 192.168.0.2
> > >
> > > It still doesn't work.
> > >
> > > --- Greg Stewart <[EMAIL PROTECTED]> wrote:
> > > > You obviously have to add each machine's IP address to the other
> > > > machine's /etc/host.allow file. You can either do this by simply typing
> > > > the IP address, or as follows:
> > > >
> > > > ALL:192.168.0.x
> > > >
> > > > where 'x' is the other machine's number on the subnet.
> > > >
> > > > --Greg
> > > >
> > > >
> > > > ----- Original Message -----
> > > > From: "Dan" <[EMAIL PROTECTED]>
> > > >
> > > >
> > > > > I'm having a problem connecting two machines: one running Mandrake 7.1
> > > > > and one running 6.1. The machine running 7.1 has Roadrunner on eth0
> > > > > with the IP assigned by DHCP and this works fine.  I put a second NIC
> > > > > card in this machine (DFE-530TX+) and it seems to be working per
> > > > > ifconfig info:
> > > > >
> > > > > eth1      Link encap:Ethernet  HWaddr 00:50:BA:40:57:43
> > > > >           inet addr:192.168.0.1  Bcast:192.168.0.255  Mask:255.255.255.0
> > > > >           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> > > > >           RX packets:10 errors:0 dropped:0 overruns:0 frame:0
> > > > >           TX packets:2 errors:0 dropped:0 overruns:0 carrier:0
> > > > >           collisions:0 txqueuelen:100
> > > > >           Interrupt:18 Base address:0xd800
> > > > >
> > > > > I gave the card in the machine running 6.1 the address 192.168.0.2.  I
> > > > > set the 192.168.0.1 machine as the gateway.  The problem is I can't
> > > > > ping the other machine.  I can ping the machines locally, i.e.
> > > > > 192.168.0.1 can be pinged from 192.168.0.1.  When I try to ping
> > > > > 192.168.0.1 from 192.168.0.2, nothing happens.  When I ctrl-C I get a
> > > > > message that all packets were lost.  The same thing happens in reverse.
> > > > > I did happen to look in /var/log/messages in the machine that was
> > > > > pinged and found the following:
> > > > >
> > > > > Sep 12 18:37:09 cm-24-161-17-97 kernel: Packet log: input DENY eth1 PROTO=1 192.168.0.2:8 192.168.0.1:0 L=84 S=0x00 I=34 F=0x0000 T=64 (#30)
> > > > >
> > > > > This appears in both machines' log files for every packet sent.  It
> > > > > appears there is some sort of security setting that is dropping the
> > > > > packets?  I just can't figure out where.
> > > > >
> > > > > Both machines have ipchains and PM firewall installed since both at
> > > > > one time or another have had internet access.  The one currently with
> > > > > internet access has PM firewall running on eth0.  On the other machine
> > > > > I ran "PM Firewall stop".
> > > > >
> > > > > Any help much appreciated.
> > > > >
> === message truncated ===
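An example added by the editor, not code posted by anyone in this thread: a small Python parser for the ipchains "Packet log:" lines Dan quoted. It decodes PROTO=1 as ICMP and reads the two "port" fields as ICMP type and code, so 192.168.0.2:8 to 192.168.0.1:0 is an echo request (ping) rather than traffic on "port 8". It then classifies the drop: a private source arriving on the external interface is what the SYSTEM DEFAULTS anti-spoofing rules are meant to deny, while two LAN addresses dropped on a different interface means the deny came from a rule or policy bound to that interface, not from the excerpt Dan posted. The first sample line is the one from the thread; the external interface name (eth0) and the second, TCP sample line are constructed assumptions for the example.

```python
import ipaddress
import re

# ipchains kernel log format, as documented in the ipchains HOWTO:
#   Packet log: <chain> <target> <iface> PROTO=<n> <src>:<sp> <dst>:<dp>
#               L=<len> S=<tos> I=<id> F=<frag> T=<ttl> (#<rule>)
# For ICMP (PROTO=1) the two "port" fields carry the ICMP type and code.
LOG_RE = re.compile(
    r"Packet log: (?P<chain>\S+) (?P<target>\S+) (?P<iface>\S+) "
    r"PROTO=(?P<proto>\d+) (?P<src>[\d.]+):(?P<sport>\d+) (?P<dst>[\d.]+):(?P<dport>\d+) "
    r"L=(?P<length>\d+) S=0x(?P<tos>[0-9a-fA-F]+) I=(?P<ipid>\d+) "
    r"F=0x(?P<frag>[0-9a-fA-F]+) T=(?P<ttl>\d+) \(#(?P<rule>\d+)\)"
)

PROTO_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}
ICMP_TYPES = {0: "echo-reply", 3: "dest-unreachable", 8: "echo-request", 11: "time-exceeded"}

# RFC 1918 ranges: the same networks the pmfirewall SYSTEM DEFAULTS deny on $OUTERIF.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

SAMPLE_LINES = [
    # Quoted from the thread (the line Dan found in /var/log/messages).
    "Sep 12 18:37:09 cm-24-161-17-97 kernel: Packet log: input DENY eth1 PROTO=1 "
    "192.168.0.2:8 192.168.0.1:0 L=84 S=0x00 I=34 F=0x0000 T=64 (#30)",
    # Constructed for this example: a private source hitting the external interface.
    "Sep 12 18:40:00 cm-24-161-17-97 kernel: Packet log: input DENY eth0 PROTO=6 "
    "10.1.2.3:4321 198.51.100.7:23 L=60 S=0x00 I=1 F=0x4000 T=50 (#1)",
]


def parse_ipchains_log(line):
    """Parse one syslog line containing an ipchains Packet log; None if it is not one."""
    m = LOG_RE.search(line)
    if m is None:
        return None
    d = m.groupdict()
    proto = int(d["proto"])
    rec = {
        "chain": d["chain"],
        "target": d["target"],
        "iface": d["iface"],
        "proto": PROTO_NAMES.get(proto, "proto-%d" % proto),
        "src": d["src"],
        "dst": d["dst"],
        "length": int(d["length"]),
        "ttl": int(d["ttl"]),
        "rule": int(d["rule"]),  # position of the matching rule in the chain
    }
    if proto == 1:
        # For ICMP the "ports" are type:code, e.g. 8:0 is an echo request.
        icmp_type, icmp_code = int(d["sport"]), int(d["dport"])
        rec["icmp_type"] = icmp_type
        rec["icmp_code"] = icmp_code
        rec["icmp_name"] = ICMP_TYPES.get(icmp_type, "type-%d" % icmp_type)
    else:
        rec["sport"] = int(d["sport"])
        rec["dport"] = int(d["dport"])
    return rec


def is_private(addr):
    return any(ipaddress.ip_address(addr) in net for net in PRIVATE_NETS)


def assess(rec, external_iface):
    """Classify a logged packet relative to the interface the firewall treats as external."""
    src_private, dst_private = is_private(rec["src"]), is_private(rec["dst"])
    on_external = rec["iface"] == external_iface
    what = rec.get("icmp_name") or "%s/%d" % (rec["proto"], rec["dport"])
    result = {
        "spoofed_private_source_on_external": src_private and on_external,
        "lan_traffic_on_internal_iface": src_private and dst_private and not on_external,
    }
    if result["spoofed_private_source_on_external"]:
        result["summary"] = "private source %s on external %s (%s): expected anti-spoofing drop" % (
            rec["src"], rec["iface"], what)
    elif result["lan_traffic_on_internal_iface"]:
        result["summary"] = "LAN %s %s -> %s dropped on %s by rule #%d: check rules and policy bound to that interface" % (
            what, rec["src"], rec["dst"], rec["iface"], rec["rule"])
    else:
        result["summary"] = "%s %s -> %s %s on %s by rule #%d" % (
            what, rec["src"], rec["dst"], rec["target"], rec["iface"], rec["rule"])
    return result


if __name__ == "__main__":
    for line in SAMPLE_LINES:
        rec = parse_ipchains_log(line)
        print(assess(rec, "eth0")["summary"])
```

Run against the log line from the thread, the parser reports an ICMP echo request from 192.168.0.2 to 192.168.0.1 denied on eth1 by rule #30, which is why the rules quoted above (all bound to $OUTERIF, i.e. eth0, and all matching only $OUTERNET as destination) cannot be the ones firing.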

