so are you saying that somehow i am blocking these dhcp leasing ports to rr? if i open these ports on eth0 incoming and outgoing, will that address this?
vora > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of James P. Roberts > Sent: Wednesday, October 08, 2003 6:36 PM > To: [EMAIL PROTECTED] > Subject: Re: eth0 vanishing > > > > From: "vvor" <[EMAIL PROTECTED]> > > > > as i mentioned, i switched to iptables. > > > > now, every few hours, my roadrunner connection is dropping. this was not > > happening with ipchains! here is the part of my log just before it happens. > i > > tried ifup, but that doesn't help. it fails to acquire the ip address. does > > anyone know what is happening? is my nic dying? is it iptables? i wish i had > a > > clue. (rat is the name of my serer) > > > <snip> > > Oct 7 11:14:56 rat kernel: [UDP reject] IN= OUT=eth0 SRC=24.90.93.125 > > DST=24.29.99.107 LEN=576 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=68 > > DPT=67 LEN=556 > > Oct 7 11:14:56 rat kernel: [UDP drop] IN= OUT=eth0 SRC=192.168.0.1 > > DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP > SPT=68 > > DPT=67 LEN=308 > <snip> > > UDP on port 67 and 68 are for DHCP. You'll note that your iptables rules > apparently reject *OUTGOING* UDP packets from your server (from port 68 to > port 67, anyway). So, when Roadrunner requests that you renew your DHCP > "license" every few hours, your server cannot respond properly, and you get > dropped. The second entry above is your server attempting to do DHCP on your > internal network, also being blocked. You'll need to examine your iptables > rules set to see why you are blocking your own server from sending out UDP > packets that are needed for DHCP. > > One *MAJOR* difference to understand, between ipchains and iptables, is that > in iptables, you have three completely separate chains (input, output, > forward). A given packet will only traverse one of those chains. In > ipchains, the input and output chains are traversed before and after the > forward chain. That is, the handling of the "forward" chain has changed > significantly between ipchains and iptables. > > Regards, > Jim > > > _______________________________________________ > Seawolf-list mailing list > [EMAIL PROTECTED] > https://www.redhat.com/mailman/listinfo/seawolf-list _______________________________________________ Seawolf-list mailing list [EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/seawolf-list
