Thanks for the reply,
Changes made:
~# ifconfig
eth0 Link encap:Ethernet HWaddr 00:E0:4C:50:18:FD
inet addr:10.1.1.4 Bcast:10.255.255.255 Mask:255.0.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:391 errors:0 dropped:0 overruns:0 frame:0
TX packets:478 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:60910 (59.4 KiB) TX bytes:271552 (265.1 KiB)
Interrupt:201 Base address:0x2000
eth1 Link encap:Ethernet HWaddr 00:E0:4C:50:16:70
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:209 Base address:0xa000
Interfaces
#ZONE INTERFACE BROADCAST OPTIONS
net ppp0 -
loc eth0 10.255.255.255
loc eth1 192.168.1.255
using cable connected only on eth0 (loc 10.1.1.4 to switch) and eth2 (net, ppp0)
nothing change, at my winXp 10.1.1.5, putting gateway/DNS as 10.1.1.4, cant
ping www.yahoo.com
winXp can ping 192.168.1.1
winXp can ping ppp0 ip address
I attaching shorewall dump result, hope someone can give me a clue
Cheers
Hi Phillipus,
Phillipus Gunawan schrieb:
<..>
> ~# ifconfig
> eth0 Link encap:Ethernet HWaddr 00:E0:4C:50:18:FD
> inet addr:10.1.1.4 Bcast:10.255.255.255 Mask:255.0.0.0
<...>
> eth1 Link encap:Ethernet HWaddr 00:E0:4C:50:16:70
> inet addr:10.1.2.1 Bcast:10.255.255.255 Mask:255.0.0.0
<...>
The Mask 255.0.0.0 "says" that the first tripple of your IP-Address is
the network part. So your addreses are still in the same! network.
Use a different Network(mask), e.g. ip address 192.168.0.1, mask
255.255.0.0 for eth1.
Regards
Götz
--
Götz Reinicke
IT-Koordinator
Tel. +49 7141 969 420
Fax +49 7141 969 55 420
E-Mail [EMAIL PROTECTED]
Filmakademie Baden-Württemberg GmbH
Mathildenstr. 20
71638 Ludwigsburg
http://www.filmakademie.de
Eintragung Amtsgericht Stuttgart HRB 205016
Vorsitzende des Aufsichtsrats:
Prof. Dr. Claudia Hübner
Staatsrätin für Demographischen Wandel und für Senioren im Staatsministerium
Geschäftsführer:
Prof. Thomas Schadt
Start your day with Yahoo!7 and win a Sony Bravia TV. Enter now
http://au.docs.yahoo.com/homepageset/?p1=other&p2=au&p3=taglineShorewall 4.0.14 Dump at debian - Thu Nov 27 06:29:18 EST 2008
Shorewall-shell 4.0.14
Counters reset Thu Nov 27 06:28:19 EST 2008
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT 0 -- lo * 0.0.0.0/0 0.0.0.0/0
8 461 ppp0_in 0 -- ppp0 * 0.0.0.0/0 0.0.0.0/0
176 28713 eth0_in 0 -- eth0 * 0.0.0.0/0 0.0.0.0/0
0 0 eth1_in 0 -- eth1 * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED
0 0 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 TCPMSS tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp flags:0x06/0x02 TCPMSS clamp to PMTU
0 0 ppp0_fwd 0 -- ppp0 * 0.0.0.0/0 0.0.0.0/0
0 0 eth0_fwd 0 -- eth0 * 0.0.0.0/0 0.0.0.0/0
0 0 eth1_fwd 0 -- eth1 * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED
0 0 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT 0 -- * lo 0.0.0.0/0 0.0.0.0/0
7 405 ppp0_out 0 -- * ppp0 0.0.0.0/0 0.0.0.0/0
184 124K eth0_out 0 -- * eth0 0.0.0.0/0 0.0.0.0/0
0 0 eth1_out 0 -- * eth1 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED
0 0 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain Drop (0 references)
pkts bytes target prot opt in out source destination
0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:113
0 0 dropBcast 0 -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 3 code 4
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 11
0 0 dropInvalid 0 -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 135,445
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpts:137:139
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp spt:137 dpts:1024:65535
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 135,139,445
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:1900
0 0 dropNotSyn tcp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp spt:53
Chain Reject (0 references)
pkts bytes target prot opt in out source destination
0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:113
0 0 dropBcast 0 -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 3 code 4
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
icmp type 11
0 0 dropInvalid 0 -- * * 0.0.0.0/0 0.0.0.0/0
0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 135,445
0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpts:137:139
0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0
udp spt:137 dpts:1024:65535
0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 135,139,445
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:1900
0 0 dropNotSyn tcp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp spt:53
Chain all2all (10 references)
pkts bytes target prot opt in out source destination
315 147K ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0
state RELATED,ESTABLISHED
60 6732 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain dropBcast (2 references)
pkts bytes target prot opt in out source destination
0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0
PKTTYPE = broadcast
0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0
PKTTYPE = multicast
Chain dropInvalid (2 references)
pkts bytes target prot opt in out source destination
0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0
state INVALID
Chain dropNotSyn (2 references)
pkts bytes target prot opt in out source destination
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp flags:!0x17/0x02
Chain dynamic (6 references)
pkts bytes target prot opt in out source destination
Chain eth0_fwd (1 references)
pkts bytes target prot opt in out source destination
0 0 dynamic 0 -- * * 0.0.0.0/0 0.0.0.0/0
state INVALID,NEW
0 0 all2all 0 -- * ppp0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT 0 -- * eth1 0.0.0.0/0 0.0.0.0/0
Chain eth0_in (1 references)
pkts bytes target prot opt in out source destination
52 6271 dynamic 0 -- * * 0.0.0.0/0 0.0.0.0/0
state INVALID,NEW
176 28713 all2all 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain eth0_out (1 references)
pkts bytes target prot opt in out source destination
184 124K all2all 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain eth1_fwd (1 references)
pkts bytes target prot opt in out source destination
0 0 dynamic 0 -- * * 0.0.0.0/0 0.0.0.0/0
state INVALID,NEW
0 0 all2all 0 -- * ppp0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT 0 -- * eth0 0.0.0.0/0 0.0.0.0/0
Chain eth1_in (1 references)
pkts bytes target prot opt in out source destination
0 0 dynamic 0 -- * * 0.0.0.0/0 0.0.0.0/0
state INVALID,NEW
0 0 all2all 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain eth1_out (1 references)
pkts bytes target prot opt in out source destination
0 0 all2all 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain logdrop (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG 0 -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:logdrop:DROP:'
0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain logreject (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG 0 -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:logreject:REJECT:'
0 0 reject 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain ppp0_fwd (1 references)
pkts bytes target prot opt in out source destination
0 0 dynamic 0 -- * * 0.0.0.0/0 0.0.0.0/0
state INVALID,NEW
0 0 all2all 0 -- * eth0 0.0.0.0/0 0.0.0.0/0
0 0 all2all 0 -- * eth1 0.0.0.0/0 0.0.0.0/0
Chain ppp0_in (1 references)
pkts bytes target prot opt in out source destination
8 461 dynamic 0 -- * * 0.0.0.0/0 0.0.0.0/0
state INVALID,NEW
8 461 all2all 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain ppp0_out (1 references)
pkts bytes target prot opt in out source destination
7 405 all2all 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain reject (7 references)
pkts bytes target prot opt in out source destination
0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0
PKTTYPE = broadcast
0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0
PKTTYPE = multicast
0 0 DROP 0 -- * * 10.255.255.255 0.0.0.0/0
0 0 DROP 0 -- * * 192.168.1.255 0.0.0.0/0
0 0 DROP 0 -- * * 255.255.255.255 0.0.0.0/0
0 0 DROP 0 -- * * 224.0.0.0/4 0.0.0.0/0
0 0 DROP 2 -- * * 0.0.0.0/0 0.0.0.0/0
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0
reject-with tcp-reset
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0
reject-with icmp-port-unreachable
0 0 REJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0
reject-with icmp-host-unreachable
0 0 REJECT 0 -- * * 0.0.0.0/0 0.0.0.0/0
reject-with icmp-host-prohibited
Chain shorewall (0 references)
pkts bytes target prot opt in out source destination
Chain smurfs (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG 0 -- * * 10.255.255.255 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:'
0 0 DROP 0 -- * * 10.255.255.255 0.0.0.0/0
0 0 LOG 0 -- * * 192.168.1.255 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:'
0 0 DROP 0 -- * * 192.168.1.255 0.0.0.0/0
0 0 LOG 0 -- * * 255.255.255.255 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:'
0 0 DROP 0 -- * * 255.255.255.255 0.0.0.0/0
0 0 LOG 0 -- * * 224.0.0.0/4 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:'
0 0 DROP 0 -- * * 224.0.0.0/4 0.0.0.0/0
Log (/var/log/messages)
NAT Table
Chain PREROUTING (policy ACCEPT 23 packets, 2003 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ppp0_masq 0 -- * ppp0 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain ppp0_masq (1 references)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE 0 -- * * 192.168.1.0/24 0.0.0.0/0
0 0 MASQUERADE 0 -- * * 10.0.0.0/8 0.0.0.0/0
Mangle Table
Chain PREROUTING (policy ACCEPT 185 packets, 29214 bytes)
pkts bytes target prot opt in out source destination
185 29214 tcpre 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain INPUT (policy ACCEPT 185 packets, 29214 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 tcfor 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 240 packets, 161K bytes)
pkts bytes target prot opt in out source destination
193 126K tcout 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain POSTROUTING (policy ACCEPT 193 packets, 126K bytes)
pkts bytes target prot opt in out source destination
193 126K tcpost 0 -- * * 0.0.0.0/0 0.0.0.0/0
Chain tcfor (1 references)
pkts bytes target prot opt in out source destination
Chain tcout (1 references)
pkts bytes target prot opt in out source destination
Chain tcpost (1 references)
pkts bytes target prot opt in out source destination
Chain tcpre (1 references)
pkts bytes target prot opt in out source destination
Conntrack Table
udp 17 20 src=10.1.1.5 dst=10.255.255.255 sport=137 dport=137 packets=24
bytes=2250 [UNREPLIED] src=10.255.255.255 dst=10.1.1.5 sport=137 dport=137
packets=0 bytes=0 mark=0 use=1
tcp 6 1 CLOSE src=10.1.1.5 dst=10.1.1.4 sport=3301 dport=10000 packets=26
bytes=3321 src=10.1.1.4 dst=10.1.1.5 sport=10000 dport=3301 packets=39
bytes=30713 [ASSURED] mark=0 use=1
tcp 6 431989 ESTABLISHED src=10.1.1.5 dst=10.1.1.4 sport=3302 dport=10000
packets=10 bytes=1594 src=10.1.1.4 dst=10.1.1.5 sport=10000 dport=3302
packets=9 bytes=4813 [ASSURED] mark=0 use=1
tcp 6 431991 ESTABLISHED src=10.1.1.5 dst=10.1.1.4 sport=3304 dport=10000
packets=12 bytes=2159 src=10.1.1.4 dst=10.1.1.5 sport=10000 dport=3304
packets=13 bytes=7657 [ASSURED] mark=0 use=1
tcp 6 431934 ESTABLISHED src=10.1.1.5 dst=10.1.1.4 sport=3293 dport=10000
packets=3 bytes=557 src=10.1.1.4 dst=10.1.1.5 sport=10000 dport=3293 packets=3
bytes=2916 [ASSURED] mark=0 use=1
tcp 6 431989 ESTABLISHED src=10.1.1.5 dst=10.1.1.4 sport=3300 dport=10000
packets=12 bytes=2223 src=10.1.1.4 dst=10.1.1.5 sport=10000 dport=3300
packets=12 bytes=7053 [ASSURED] mark=0 use=1
udp 17 17 src=10.1.1.5 dst=10.1.1.4 sport=1025 dport=53 packets=3
bytes=267 [UNREPLIED] src=10.1.1.4 dst=10.1.1.5 sport=53 dport=1025 packets=0
bytes=0 mark=0 use=1
tcp 6 431989 ESTABLISHED src=10.1.1.5 dst=10.1.1.4 sport=3305 dport=10000
packets=11 bytes=2167 src=10.1.1.4 dst=10.1.1.5 sport=10000 dport=3305
packets=13 bytes=7039 [ASSURED] mark=0 use=1
tcp 6 431999 ESTABLISHED src=10.1.1.5 dst=10.1.1.4 sport=3303 dport=10000
packets=22 bytes=8457 src=10.1.1.4 dst=10.1.1.5 sport=10000 dport=3303
packets=29 bytes=19021 [ASSURED] mark=0 use=1
tcp 6 431941 ESTABLISHED src=10.1.1.5 dst=10.1.1.4 sport=3294 dport=10000
packets=6 bytes=1114 src=10.1.1.4 dst=10.1.1.5 sport=10000 dport=3294 packets=6
bytes=5832 [ASSURED] mark=0 use=1
udp 17 21 src=10.1.1.5 dst=10.255.255.255 sport=138 dport=138 packets=12
bytes=2562 [UNREPLIED] src=10.255.255.255 dst=10.1.1.5 sport=138 dport=138
packets=0 bytes=0 mark=0 use=1
udp 17 22 src=222.123.17.118 dst=220.244.8.194 sport=50900 dport=64198
packets=1 bytes=90 [UNREPLIED] src=220.244.8.194 dst=222.123.17.118 sport=64198
dport=50900 packets=0 bytes=0 mark=0 use=1
udp 17 9 src=10.1.1.5 dst=10.1.1.4 sport=2618 dport=53 packets=1 bytes=59
[UNREPLIED] src=10.1.1.4 dst=10.1.1.5 sport=53 dport=2618 packets=0 bytes=0
mark=0 use=1
IP Configuration
1: lo: <LOOPBACK,UP,10000> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:e0:4c:50:18:fd brd ff:ff:ff:ff:ff:ff
inet 10.1.1.4/8 brd 10.255.255.255 scope global eth0
inet6 fe80::2e0:4cff:fe50:18fd/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:e0:4c:50:16:70 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.1/24 brd 192.168.1.255 scope global eth1
4: eth2: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:15:58:1d:4b:4f brd ff:ff:ff:ff:ff:ff
inet6 fe80::215:58ff:fe1d:4b4f/64 scope link
valid_lft forever preferred_lft forever
5: sit0: <NOARP> mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
6: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,10000> mtu 1492 qdisc pfifo_fast qlen 3
link/ppp
inet 220.244.8.194 peer 10.20.20.106/32 scope global ppp0
IP Stats
1: lo: <LOOPBACK,UP,10000> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
RX: bytes packets errors dropped overrun mcast
560 8 0 0 0 0
TX: bytes packets errors dropped carrier collsns
560 8 0 0 0 0
2: eth0: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:e0:4c:50:18:fd brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
116103 641 0 0 0 0
TX: bytes packets errors dropped carrier collsns
599727 871 0 0 0 0
3: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:e0:4c:50:16:70 brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
0 0 0 0 0 0
TX: bytes packets errors dropped carrier collsns
0 0 0 0 0 0
4: eth2: <BROADCAST,MULTICAST,UP,10000> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:15:58:1d:4b:4f brd ff:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast
3921 48 0 0 0 0
TX: bytes packets errors dropped carrier collsns
3217 47 0 0 0 0
5: sit0: <NOARP> mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
RX: bytes packets errors dropped overrun mcast
0 0 0 0 0 0
TX: bytes packets errors dropped carrier collsns
0 0 0 0 0 0
6: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,10000> mtu 1492 qdisc pfifo_fast qlen 3
link/ppp
RX: bytes packets errors dropped overrun mcast
1663 20 0 0 0 0
TX: bytes packets errors dropped carrier collsns
920 19 0 0 0 0
Bridges
bridge name bridge id STP enabled interfaces
/proc
/proc/version = Linux version 2.6.18-5-686 (Debian 2.6.18.dfsg.1-17) ([EMAIL
PROTECTED]) (gcc version 4.1.2 20061115 (prerelease) (Debian 4.1.1-21)) #1 SMP
Mon Dec 24 16:41:07 UTC 2007
/proc/sys/net/ipv4/ip_forward = 1
/proc/sys/net/ipv4/icmp_echo_ignore_all = 0
/proc/sys/net/ipv4/conf/all/proxy_arp = 0
/proc/sys/net/ipv4/conf/all/arp_filter = 0
/proc/sys/net/ipv4/conf/all/arp_ignore = 0
/proc/sys/net/ipv4/conf/all/rp_filter = 1
/proc/sys/net/ipv4/conf/all/log_martians = 0
/proc/sys/net/ipv4/conf/default/proxy_arp = 0
/proc/sys/net/ipv4/conf/default/arp_filter = 0
/proc/sys/net/ipv4/conf/default/arp_ignore = 0
/proc/sys/net/ipv4/conf/default/rp_filter = 1
/proc/sys/net/ipv4/conf/default/log_martians = 0
/proc/sys/net/ipv4/conf/eth0/proxy_arp = 0
/proc/sys/net/ipv4/conf/eth0/arp_filter = 0
/proc/sys/net/ipv4/conf/eth0/arp_ignore = 0
/proc/sys/net/ipv4/conf/eth0/rp_filter = 0
/proc/sys/net/ipv4/conf/eth0/log_martians = 0
/proc/sys/net/ipv4/conf/eth1/proxy_arp = 0
/proc/sys/net/ipv4/conf/eth1/arp_filter = 0
/proc/sys/net/ipv4/conf/eth1/arp_ignore = 0
/proc/sys/net/ipv4/conf/eth1/rp_filter = 0
/proc/sys/net/ipv4/conf/eth1/log_martians = 0
/proc/sys/net/ipv4/conf/lo/proxy_arp = 0
/proc/sys/net/ipv4/conf/lo/arp_filter = 0
/proc/sys/net/ipv4/conf/lo/arp_ignore = 0
/proc/sys/net/ipv4/conf/lo/rp_filter = 0
/proc/sys/net/ipv4/conf/lo/log_martians = 0
/proc/sys/net/ipv4/conf/ppp0/proxy_arp = 0
/proc/sys/net/ipv4/conf/ppp0/arp_filter = 0
/proc/sys/net/ipv4/conf/ppp0/arp_ignore = 0
/proc/sys/net/ipv4/conf/ppp0/rp_filter = 0
/proc/sys/net/ipv4/conf/ppp0/log_martians = 0
Routing Rules
0: from all lookup 255
32766: from all lookup main
32767: from all lookup default
Table 255:
local 192.168.1.1 dev eth1 proto kernel scope host src 192.168.1.1
broadcast 127.255.255.255 dev lo proto kernel scope link src 127.0.0.1
broadcast 192.168.1.0 dev eth1 proto kernel scope link src 192.168.1.1
broadcast 10.0.0.0 dev eth0 proto kernel scope link src 10.1.1.4
broadcast 192.168.1.255 dev eth1 proto kernel scope link src 192.168.1.1
broadcast 10.255.255.255 dev eth0 proto kernel scope link src 10.1.1.4
local 10.1.1.4 dev eth0 proto kernel scope host src 10.1.1.4
local 220.244.8.194 dev ppp0 proto kernel scope host src 220.244.8.194
broadcast 127.0.0.0 dev lo proto kernel scope link src 127.0.0.1
local 127.0.0.1 dev lo proto kernel scope host src 127.0.0.1
local 127.0.0.0/8 dev lo proto kernel scope host src 127.0.0.1
Table default:
Table main:
10.20.20.106 dev ppp0 proto kernel scope link src 220.244.8.194
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.1
10.0.0.0/8 dev eth0 proto kernel scope link src 10.1.1.4
default dev ppp0 scope link
ARP
? (10.1.1.5) at 00:E0:4C:50:16:2F [ether] on eth0
? (10.20.20.106) at <from_interface> PERM PUB on eth0
Modules
ip_conntrack 49088 24
ipt_MASQUERADE,ip_nat_tftp,ip_nat_snmp_basic,ip_nat_sip,ip_nat_pptp,ip_nat_irc,ip_nat_h323,ip_nat_ftp,ip_nat_amanda,ip_conntrack_tftp,ip_conntrack_sip,ip_conntrack_pptp,ip_conntrack_netbios_ns,ip_conntrack_irc,ip_conntrack_h323,ip_conntrack_ftp,ip_conntrack_amanda,xt_helper,xt_conntrack,xt_CONNMARK,xt_connmark,xt_state,iptable_nat,ip_nat
ip_conntrack_amanda 4932 1 ip_nat_amanda
ip_conntrack_ftp 7760 1 ip_nat_ftp
ip_conntrack_h323 47676 1 ip_nat_h323
ip_conntrack_irc 6800 1 ip_nat_irc
ip_conntrack_netbios_ns 3040 0
ip_conntrack_pptp 11504 1 ip_nat_pptp
ip_conntrack_sip 7376 1 ip_nat_sip
ip_conntrack_tftp 4344 1 ip_nat_tftp
ip_nat 16876 12
ipt_SAME,ipt_REDIRECT,ipt_NETMAP,ipt_MASQUERADE,ip_nat_tftp,ip_nat_sip,ip_nat_pptp,ip_nat_irc,ip_nat_h323,ip_nat_ftp,ip_nat_amanda,iptable_nat
ip_nat_amanda 2400 0
ip_nat_ftp 3328 0
ip_nat_h323 7104 0
ip_nat_irc 2720 0
ip_nat_pptp 5988 0
ip_nat_sip 4096 0
ip_nat_snmp_basic 9316 0
ip_nat_tftp 1920 0
iptable_filter 3104 1
iptable_mangle 2880 1
iptable_nat 7044 1
iptable_raw 2144 0
ip_tables 13028 4
iptable_raw,iptable_nat,iptable_mangle,iptable_filter
ipt_addrtype 1952 0
ipt_ah 2016 0
ipt_CLUSTERIP 8196 0
ipt_dscp 1792 0
ipt_DSCP 2336 0
ipt_ecn 2304 0
ipt_ECN 3072 0
ipt_hashlimit 8744 0
ipt_iprange 1888 0
ipt_LOG 6112 6
ipt_MASQUERADE 3712 2
ipt_NETMAP 2176 0
ipt_owner 2080 0
ipt_recent 8432 0
ipt_REDIRECT 2176 0
ipt_REJECT 5248 4
ipt_SAME 2496 0
ipt_TCPMSS 4096 1
ipt_tos 1760 0
ipt_TOS 2304 0
ipt_ttl 1984 0
ipt_TTL 2400 0
ipt_ULOG 7780 0
xt_CLASSIFY 1984 0
xt_comment 1952 0
xt_connmark 2144 0
xt_CONNMARK 2464 0
xt_conntrack 2624 0
xt_dccp 3396 0
xt_helper 2560 0
xt_length 2048 0
xt_limit 2752 0
xt_mac 2016 0
xt_mark 1984 0
xt_MARK 2464 0
xt_multiport 3264 4
xt_NFQUEUE 2144 0
xt_physdev 3024 0
xt_pkttype 2016 4
xt_policy 3648 0
xt_state 2272 11
xt_tcpmss 2336 0
xt_tcpudp 3136 12
Shorewall has detected the following iptables/netfilter capabilities:
NAT: Available
Packet Mangling: Available
Multi-port Match: Available
Extended Multi-port Match: Available
Connection Tracking Match: Available
Packet Type Match: Available
Policy Match: Available
Physdev Match: Available
Physdev-is-bridged Support: Available
Packet length Match: Available
IP range Match: Available
Recent Match: Available
Owner Match: Available
Ipset Match: Not available
CONNMARK Target: Available
Extended CONNMARK Target: Available
Connmark Match: Available
Extended Connmark Match: Available
Raw Table: Available
IPP2P Match: Not available
CLASSIFY Target: Available
Extended REJECT: Available
Repeat match: Available
MARK Target: Available
Extended MARK Target: Available
Mangle FORWARD Chain: Available
Comments: Available
Address Type Match: Available
TCPMSS Match: Available
Hashlimit Match: Available
NFQUEUE Target: Available
Traffic Control
Device eth0:
qdisc pfifo_fast 0: bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
Sent 598809 bytes 871 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
Device eth1:
qdisc pfifo_fast 0: bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
Device eth2:
qdisc pfifo_fast 0: bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
Sent 2560 bytes 47 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
Device ppp0:
qdisc pfifo_fast 0: bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
Sent 859 bytes 15 pkt (dropped 0, overlimits 0 requeues 0)
rate 0bit 0pps backlog 0b 0p requeues 0
TC Filters
Device eth0:
Device eth1:
Device eth2:
Device ppp0:
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
