Hi there, could you please remind me of your problem, if you're still stuck with it?

"Home User" <[EMAIL PROTECTED]> writes:

> Justin et al;
>
> Thanks for your help, but I do not fully understand what is going on here.
> I still have the MNF default rule:
> 15 ACCEPT lan wan tcp http
> So I am not sure how adding your suggestion will help. I added it
> anyways, but to no avail :( ...
>
> About my isp, issue you mention to turn on more verbose logging.
> ]#ps -ef |grep ppp
> Root 27162 27151 0 21:40 ? 00:00:00 /usr/sbin/pppd pty /usr/sbin/ppp
> Root 27163 27162 0 21:40 ? 00:00:00 /usr/sbin/pppoe -p /var/run/-ads
>
> So this tells me what options are being used with pppoe.
> So I would change this to pppoe -p -D /var/log/myAdslLog.log ?
> But I cannot find anywhere pppoe is being invoked, do you?
> I checked /etc/init.d/adsl and others but it eludes me.
>
> And what rule would I have to write to allow ppp keepalives?
> Allow wan fw icmp ? That seems undesirable.
>
> Thanks again,
> Ryan
>
> -----Original Message-----
> From: Justin Grote [mailto:[EMAIL PROTECTED]
> Sent: Monday, September 06, 2004 22:04
> To: Home User
> Cc: [EMAIL PROTECTED]
> Subject: Re: [Security Firewall] Newbie setup questions
>
> HU> kernel: Shorewall:fw2all:REJECT:IN= OUT=eth0 SRC=192.168.1.1
> DST=192.168.1.200
> HU> LEN=68 TOS=0x00 PREC=0xC0 TTL=255 ID=37196
> HU> PROTO=ICMP TYPE=3 CODE=0
> HU> [SRC=192.168.1.200 DST=212.85.147.168
> HU> LEN=40 TOS=0x00 PREC=0x00 TTL=128 ID=42555 DF
> HU> PROTO=TCP SPT=4259 DPT=80 WINDOW=63927 RES=0x00 ACK FIN URGP=0 ]
>
> What you're seeing here is requests coming from 192.168.1.200 (SRC) and
> going to 212.85.147.168 (DST) on port 80. These are most likely web
> requests, and can probably be solved with a simple rule something to the
> extent of:
>
> ALLOW Source:LAN Destination:NET Port:80
>
> substituting in whatever you named your local and outside zones.
>
> HU> 2. Again from syslog, I see this message regularly as well:
> HU> ez-ipupdate: ez-ipupdate shutdown failed
>
> I believe this is a dynamic DNS program. Not sure why it would be failing
> shutdown (not configured correctly?) but you shouldn't worry about it.
> You can always do a chkconfig --del ez-ipupdate and never see it again.
>
> HU> 3. Finally I have been having issues with my isp, I see this
> HU> set of messages in syslog, way too often, are they telling me that
> HU> MNF is disconnecting from the isp, the other way around, or is the
> HU> connection being dropped due to network error?
>
> Hard to tell, but it looks like the connection was terminated
> unexpectedly. You can turn on more verbose PPP messages to get a clearer
> message, but it's hard to tell from that information what might be your
> problem. Maybe your firewall is blocking ppp keepalives? just a thought.
>
> -Justin Grote
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.754 / Virus Database: 504 - Release Date: 9/6/2004
>
> ____________________________________________________
> Want to buy your Pack or Services from MandrakeSoft?
> Go to http://www.mandrakestore.com
> Join the Club : http://www.mandrakeclub.com
> ____________________________________________________

--
Florin
http://www.mandrakesoft.com
http://people.mandrakesoft.com/~florin/
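
Added example, not part of the original messages: a small Python parser for the Shorewall log entry quoted in the thread, separating the logged packet from the bracketed packet header that netfilter prints after an ICMP error. The function names and the single-line sample (syslog prefix and mail quoting removed) are constructed for this illustration.

```python
import re

# Log entry from the thread, joined onto one line (constructed from the quoted text).
SAMPLE = (
    "Shorewall:fw2all:REJECT:IN= OUT=eth0 SRC=192.168.1.1 DST=192.168.1.200 "
    "LEN=68 TOS=0x00 PREC=0xC0 TTL=255 ID=37196 PROTO=ICMP TYPE=3 CODE=0 "
    "[SRC=192.168.1.200 DST=212.85.147.168 LEN=40 TOS=0x00 PREC=0x00 TTL=128 "
    "ID=42555 DF PROTO=TCP SPT=4259 DPT=80 WINDOW=63927 RES=0x00 ACK FIN URGP=0 ]"
)

# Shorewall log prefix: "Shorewall:<chain>:<disposition>:"
PREFIX = re.compile(r"Shorewall:(?P<chain>[^:]+):(?P<action>[^:]+):")
ICMP_TYPES = {3: "destination unreachable", 11: "time exceeded"}  # subset only


def fields(text):
    """Split KEY=value tokens into a dict; bare tokens (DF, ACK) become flags."""
    out, flags = {}, []
    for tok in text.split():
        key, sep, val = tok.partition("=")
        if sep:
            out[key] = val
        else:
            flags.append(tok)
    out["FLAGS"] = flags
    return out


def parse(line):
    """Return chain, action, the logged (outer) packet and any embedded packet."""
    m = PREFIX.search(line)
    if not m:
        raise ValueError("not a Shorewall log entry")
    outer_txt, bracket, inner_txt = line[m.end():].partition("[")
    inner = fields(inner_txt.rstrip().rstrip("]")) if bracket else None
    return {"chain": m["chain"], "action": m["action"],
            "outer": fields(outer_txt), "inner": inner}


def summarize(line):
    """One-line description: what was logged, and which packet it refers to."""
    p = parse(line)
    o, i = p["outer"], p["inner"]
    s = f'{p["action"]} on {p["chain"]}: {o["PROTO"]} {o["SRC"]} -> {o["DST"]}'
    if o["PROTO"] == "ICMP":
        s += f' ({ICMP_TYPES.get(int(o["TYPE"]), "type " + o["TYPE"])})'
    if i:
        s += (f'; about {i["PROTO"]} {i["SRC"]}:{i.get("SPT", "-")}'
              f' -> {i["DST"]}:{i.get("DPT", "-")}')
    return s


if __name__ == "__main__":
    print(summarize(SAMPLE))
```
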
