On 3/17/11 7:36 PM, Jay Ridgley wrote: > On 03/17/2011 07:10 PM, Tom Eastep wrote: >> On 3/17/11 4:38 PM, Jay Ridgley wrote: >> >>> >>> OLD runs Ubuntu 8.04 LTS and NEW runs Ubuntu 10.04.2 LTS Shorewall >>> versions are 4.0 and 4.4 respectively. >>> >>> Both systems have three interfaces(net, local and wireless). >>> >>> Here is what is happening I can ping -c3 yahoo.com no problem. >> >> From where? Firewall? System inside the firewall? System in your >> neighbor's garage? > > I am sorry, the problem manifests itself on my laptop which has a wireless > connection to my local network. It is from within home (my chair in the > living > room). The remainder of my systems are all wired. Those systems do not appear > to > be affected, only the laptop. >> >>> I can ping inside my local net no problem. I have an IP address that >>> was assigned via dhclinet (it is as expected). >> >> *You* do not have an IP address. Some computer that you are using has an >> IP address. Again, inside the firewall? > > I was referring to my laptop once again. The IP address is the one obtained > through the negotiation with the access point from the firewall system. Yes, > it > is inside the firewall. > >> >>> I bring up my browser and it fails to properly load. >> >> The binary fails to run or your home page cannot be loaded. > > The home page, stops loading. The binary is still running. It eventually > displays an error screen that states it could not connect to the site. >> >>> My routes look OK and my IP address is still there. I can no longer >>> ping my fierewall. >> >> You could ping the firewall before you started your browser? >> > Yes, I am able to ping the firewall before I start the browser. In fact, I am > able to obtain an SSH connection the the firewall. >>> >>> I have checked my configuration files /etc/dhcp3/dhcpd.conf >>> /etc/dhcp3/dhclient.conf and /etc/interfaces are the same (I used >>> diff on them). I am going to do the same for each of the >>> configuration file in Shorewall before I send this. There were only >>> the differences that were expected. >> >> Did you go through the 4.0->4.4 migration document >> (http://www.shorewall.net/LennyToSqueeze.html) and assess each potential >> problem against your configuration? > > Yes, I did make some corrections based upon that review, however, there were > only two or three of them. >> >>> >>> PLEASE take a peek at it and let me know if you see anything amiss. >>> >>> If you need anything else please let know. >>> >> >> There seem to be lots of connections passing through the Shorewall box? >> Is this problem limited to you (your personal system) or are all users >> on the LAN or wireless networks affected? > > Are the number of these connections abnormal? My wireless connection should > only > be coming from my 192.168.139.32/28 subnet the allowed hosts are within > 192.168.139.35 through 192.168.139.39 range. I am including the entry from > /etc/dhcp3/dhcpd.conf for both the wireless and wired subnets below: > > > # DHCP subnet a wireless Access Point for eth2 >
In the old config, there were eth0,eth1 and eth2. In the new config, there are eth0, eth3 and eth4 I assume that all subsystems that care have been updated accordingly? -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Colocation vs. Managed Hosting A question and answer guide to determining the best fit for your organization - today and in the future. http://p.sf.net/sfu/internap-sfd2d
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
