Thanks Al! I think I have isolated my network problem. Our company (Company-B) is just part of a bigger company (Company-A).
Company-A is using Class-B system (255.255.0.0) I get my ip addresses from Company-A. Thus, my subnet is 255.255.0.0. Company-A's router is 192.168.10.240 255.255.0.0 eth0: 192.168.8.233 255.255.0.0 192.168.255.255 eth1: 192.168.8.232 255.255.0.0 192.168.255.255 These 2 are still in the same subnet. So now I thought why not make it: eth0: 192.167.8.233 255.255.0.0 192.255.255.255 eth1: 192.168.8.232 255.255.0.0 192.168.255.255 workstation: 192.167.8.11 255.255.0.0 Now I am able to see in iptables logging: LOGGED: IN=eth0 OUT= MAC=00:02:55:ee:c3:91:00:09:6b:e2:31:d7:08:00 SRC=192.167.8.11 DST=192.167.8.233 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=63931 DF PROTO=TCP SPT=3263 DPT=3128 WINDOW=64240 RES=0x00 SYN URGP=0 LOGGED: IN=eth0 OUT= MAC=00:02:55:ee:c3:91:00:09:6b:e2:31:d7:08:00 SRC=192.167.8.11 DST=192.167.8.233 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=63933 DF PROTO=TCP SPT=3263 DPT=3128 WINDOW=64240 RES=0x00 SYN URGP=0 LOGGED: IN=eth0 OUT= MAC=00:02:55:ee:c3:91:00:09:6b:e2:31:d7:08:00 SRC=192.167.8.11 DST=192.167.8.233 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=63936 DF PROTO=TCP SPT=3263 DPT=3128 WINDOW=64240 RES=0x00 SYN URGP=0 So I guess it really has something to do with the subnetting. I'll get back again as I encounter new problems. :D Thanks again! fritz <www.mesedilla.com> --- + Basta Ikaw Lord > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Sent: Wednesday, October 22, 2003 2:41 PM > To: Philippine Linux Users Group Mailing List > Subject: RE: [plug] network interfaces > > > > Hi Fritz, > > Perhaps your problem is your access on the firewall/router, > try to examine > the access list and the NAT of your firewall/router, or > if your LAN is directly connected to a router (i.e. Cisco > Router) try to > examine also the ip nat inside and the ip nat outside, > this is a part of security of a router. > > God bless and have a nice day! > > fyi, > > Al > --------------||-+------)(-+------------------ > Alberto D. Maclang, CCNA > Senior Network Engineer > NSG Philippines, Inc. > Tel: +6349-5412730 to 32 loc 230 > --------------)(+----------||+--------------- > > > > > > "Fritz Mesedilla" > > <[EMAIL PROTECTED] To: > "Philippine Linux Users Group Mailing List" > media.com> > <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]> > Sent by: cc: > > [EMAIL PROTECTED] Subject: > RE: [plug] network interfaces > x.com > > > > > > 10/22/2003 12:34 PM > > Please respond to > > Philippine Linux Users > > Group Mailing List > > > > > > > > > > > Thanks Jeremy! > No eth1 is connected to our network router. > Actually we are a company under a bigger company so I made > our own simple > network to be able to control our connection better. > > {company_child local lan -- linux } -- company_parent router > and own lan -- > internet > > The ones in the brackets are the ones we have control of. > So in this sense we are making our own small network under a bigger > network. > > Thanks again! > > fritz <www.mesedilla.com> > --- > + Basta Ikaw Lord > > > > > -----Original Message----- > > From: smart penguin [mailto:[EMAIL PROTECTED] > > Sent: Wednesday, October 22, 2003 12:16 PM > > To: [EMAIL PROTECTED]; Philippine Linux Users Group > Mailing List > > Subject: Re: [plug] network interfaces > > > > > > Question?, if your eht1 is connected to the internet, what > > kind of connection, if this is a dsl, then this should not be > > activated, since this is use by the dsl-modem (assigned with > > dynamic ip) > > > > However, if your connection is dial-up, then, it is true that > > you should change the subnet mask. I would suggest try to > > browse this : > > > > http://www.tldp.org/HOWTO/IP-Subnetworking-3.html > > > > jeremy > > (returning the favor to everybody) > > > > > > ----- Original Message ----- > > From: alben benavente alteza <[EMAIL PROTECTED]> > > Date: Wed, 22 Oct 2003 11:21:09 +0800 > > To: Philippine Linux Users Group Mailing List > <[EMAIL PROTECTED]> > > Subject: Re: [plug] network interfaces > > > > > shouldn't put the same subnet ip addresses on different > > nics. I tried > > > making eth0 into 192.168.10.1. Still doesn't work. > > > > > > Still your using the same subnet in def NIC since your > > network is /16. use > > > this ip again 192.168.10.1 then change all your netmask to > > 255.255.255.0, > > > this will work. > > > > > > review your network assignment scheme. > > > > > > On Wednesday 22 October 2003 10:36, Fritz Mesedilla wrote: > > > > Sorry I wasn't able to reply again. There seemed to be a > > problem with our > > > > email. It keeps on bouncing. I think we might be > > exceeding our bandwidth. > > > > :D > > > > > > > > Thank you to Al Maclang for replying. I was able to see > > your reply through > > > > the october archives. > > > > > > > > Anyway, here is our current setup: > > > > DEVICE=eth0 > > > > IPADDR=192.168.8.233 > > > > NETMASK=255.255.0.0 > > > > BROADCAST=192.168.255.255 > > > > BOOTPROTO=none > > > > NETWORK=192.168.0.0 > > > > ONBOOT=yes > > > > > > > > DEVICE=eth1 > > > > IPADDR=192.168.8.232 > > > > NETMASK=255.255.0.0 > > > > BROADCAST=192.168.255.255 > > > > BOOTPROTO=none > > > > NETWORK=192.168.0.0 > > > > ONBOOT=yes > > > > > > > > 192.168.8.233 - represents local lan no access to internet > > > > 192.168.8.232 - represents internt access > > > > > > > > > > > > ifconfig produces: > > > > eth0 Link encap:Ethernet HWaddr 00:02:55:EE:C3:91 > > > > inet addr:192.168.8.233 Bcast:192.168.255.255 > > Mask:255.255.0.0 > > > > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > > > > RX packets:341396 errors:0 dropped:0 > overruns:0 frame:0 > > > > TX packets:6777 errors:0 dropped:0 overruns:0 > carrier:0 > > > > collisions:0 txqueuelen:100 > > > > RX bytes:188778694 (180.0 Mb) TX bytes:764553 > > (746.6 Kb) > > > > Interrupt:10 Base address:0xa000 > > > > > > > > eth1 Link encap:Ethernet HWaddr 00:10:5A:D0:19:16 > > > > inet addr:192.168.8.232 Bcast:192.168.255.255 > > Mask:255.255.0.0 > > > > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > > > > RX packets:1769753 errors:0 dropped:0 > overruns:0 frame:0 > > > > TX packets:1428053 errors:0 dropped:0 > > overruns:0 carrier:1 > > > > collisions:0 txqueuelen:100 > > > > RX bytes:434467748 (414.3 Mb) TX > > bytes:1172955565 (1118.6 Mb) > > > > Interrupt:10 Base address:0xb800 > > > > > > > > lo Link encap:Local Loopback > > > > inet addr:127.0.0.1 Mask:255.0.0.0 > > > > UP LOOPBACK RUNNING MTU:16436 Metric:1 > > > > RX packets:38565 errors:0 dropped:0 overruns:0 frame:0 > > > > TX packets:38565 errors:0 dropped:0 > overruns:0 carrier:0 > > > > collisions:0 txqueuelen:0 > > > > RX bytes:5573561 (5.3 Mb) TX bytes:5573561 (5.3 Mb) > > > > > > > > route produces: > > > > Kernel IP routing table > > > > Destination Gateway Genmask Flags > > Metric Ref Use > > > > Iface 192.168.0.0 * 255.255.0.0 U > > 0 0 > > > > 0 eth1 192.168.0.0 * 255.255.0.0 U > > 0 0 > > > > 0 eth1 127.0.0.0 * 255.0.0.0 U > > 0 0 > > > > 0 lo default 192.168.10.240 0.0.0.0 UG > > 0 0 > > > > 0 eth1 > > > > > > > > > > > > When I try: > > > > - /etc/init.d/network stop > > > > - ifup eth0 > > > > > > > > Nothing happens. Parang hindi naka-set yung eth0. Someone > > mentioned I > > > > shouldn't put the same subnet ip addresses on different > > nics. I tried > > > > making eth0 into 192.168.10.1. Still doesn't work. > > > > > > > > I just want local users to pass through eth0 and out eth1 > > for security > > > > reasons. > > > > > > > > Thanks. > > > > > > > > > > > > fritz <www.mesedilla.com> > > > > --- > > > > + Basta Ikaw Lord > > > > > > > > > > > > > > > ---------------------------------------------------------------------- > > > > This email and any files transmitted with it are > confidential and > > > > intended solely for the use of the individual or entity > > to whom they > > > > are addressed. If you have received this email in error > > please notify > > > > the sender immediately by e-mail and delete this e-mail > from your > > > > system. Please note that any views or opinions presented in this > > > > email are solely those of the author and do not > > necessarily represent > > > > those of the company. Finally, the recipient should check > > this email > > > > and any attachments for the presence of viruses. The > > company accepts > > > > no liability for any damage caused by any virus > > transmitted by this > > > > email. > > > > > > > > Overture Media, Inc. > > > > Direct Line: (632) 635-4785 > > > > Trunkline: (632) 631-8971 Local 146 > > > > Fax: (632) 637-2206 > > > > Level 1 Summit Media Offices, Robinsons Galleria EDSA > > Cor. Ortigas Ave., > > > > Quezon City 1100 > > > > > > -- > > > Alben Benavente Alteza > > > > > Information Systems Security Administration > > > > > Information Systems Dept./ Philippine Airlines > > > > > > > > -- > > > Philippine Linux Users' Group (PLUG) Mailing List > > > [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) > > > Official Website: http://plug.linux.org.ph > > > Searchable Archives: http://marc.free.net.ph > > > . > > > To leave, go to http://lists.q-linux.com/mailman/listinfo/plug > > > . > > > Are you a Linux newbie? To join the newbie list, go to > > > http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie > > > > -- > > ______________________________________________ > > Check out the latest SMS services @ http://www.linuxmail.org > > This allows you to send and receive SMS through your mailbox. > > > > > > Powered by Outblaze > > -- > > Philippine Linux Users' Group (PLUG) Mailing List > > [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) > > Official Website: http://plug.linux.org.ph > > Searchable Archives: http://marc.free.net.ph > > . > > To leave, go to http://lists.q-linux.com/mailman/listinfo/plug > > . > > Are you a Linux newbie? To join the newbie list, go to > > http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie > > > > ---------------------------------------------------------------------- > This email and any files transmitted with it are confidential and > intended solely for the use of the individual or entity to whom they > are addressed. If you have received this email in error please notify > the sender immediately by e-mail and delete this e-mail from your > system. Please note that any views or opinions presented in this > email are solely those of the author and do not necessarily represent > those of the company. Finally, the recipient should check this email > and any attachments for the presence of viruses. The company accepts > no liability for any damage caused by any virus transmitted by this > email. > > Overture Media, Inc. > Direct Line: (632) 635-4785 > Trunkline: (632) 631-8971 Local 146 > Fax: (632) 637-2206 > Level 1 Summit Media Offices, Robinsons Galleria EDSA Cor. > Ortigas Ave., > Quezon City 1100 > > -- > Philippine Linux Users' Group (PLUG) Mailing List > [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) > Official Website: http://plug.linux.org.ph > Searchable Archives: http://marc.free.net.ph > . > To leave, go to http://lists.q-linux.com/mailman/listinfo/plug > . > Are you a Linux newbie? To join the newbie list, go to > http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie > > > > > -- > Philippine Linux Users' Group (PLUG) Mailing List > [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) > Official Website: http://plug.linux.org.ph > Searchable Archives: http://marc.free.net.ph > . > To leave, go to http://lists.q-linux.com/mailman/listinfo/plug > . > Are you a Linux newbie? To join the newbie list, go to > http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie > ---------------------------------------------------------------------- This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the sender immediately by e-mail and delete this e-mail from your system. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. Finally, the recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. Overture Media, Inc. Direct Line: (632) 635-4785 Trunkline: (632) 631-8971 Local 146 Fax: (632) 637-2206 Level 1 Summit Media Offices, Robinsons Galleria EDSA Cor. Ortigas Ave., Quezon City 1100 -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
