2010/11/5 Alcir <[email protected]>: > Peco novamente ajuda aos senhores, pois ainda n'ao consigo abrir paginas no > navegador. J`a tentei uma `analise sistemica, mas algo ainda est`a errado!!! > > Tenho no servidor: > . conexao `a internet > .ping no nome www.gmail.com > . no ip google 8.8.8.8 > . e na estacao 192.168.2.7 > #ping 192.168.2.7 > PING 192.168.2.7 (192.168.2.7) 56(84) bytes of data. > 64 bytes from 192.168.2.7: icmp_req=1 ttl=64 time=0.656 ms > 64 bytes from 192.168.2.7: icmp_req=2 ttl=64 time=0.100 ms > > Na estacao: > .ping no servidor > . ping 8.8.8.8 ( fora ) > .ping www.gmail.com ( fora) > > Alguem poderia ajudar-me? > > Em 2 de novembro de 2010 11:04, Alcir <[email protected]> escreveu: >> >> Vou dobrar a mensagem, pois o motivo `e bom!!! >> >> server:/home/normal#ping 192.168.2.7 >> PING 192.168.2.7 (192.168.2.7) 56(84) bytes of data. >> 64 bytes from 192.168.2.7: icmp_req=1 ttl=64 time=0.113 ms >> 64 bytes from 192.168.2.7: icmp_req=2 ttl=64 time=0.103 ms >> >> >> Falta ainda conectar `a internet pela estacao, pois as paginas nao estao >> abrindo... Mas ta indo!!! >> >> Em 2 de novembro de 2010 10:15, Alcir <[email protected]> escreveu: >>> >>> Meu nobre, estou nessa batalha pela madrugada a dentro. O route del >>> default consertou a rota e depois do reboot assumiu corretamente. Mas o ping >>> continua fora.! Fiz o teste sistemico para a rede. >>> No servidor: >>> ping para 192.168.2.1 >>> ping 8.8.8.8 >>> ping para nome- www.gmail.com >>> >>> Todos ok!! >>> >>> Na Estacao: >>> ping 192.168.2.7 (ok! ) >>> ping 192.168.2.1 (fora) >>> >>> Tmbem tentei rodar >>> #cat /proc/sys/net/ipv4/ip_forward >>> >>> Confirmada saida (1) e a operacionalidade do forward >>> >>> #iptables -vL >>> >>> Nao mostra nenhum drop!! >>> >>> Coloquei um scriptzinho no rc.firewall com permissao de execucao no >>> boot: >>> >>> #vi /etc/rc.d/rc.firewall/roteando >>> >>> #!/bin/bash >>> iptables -t nat -F >>> iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE >>> >>> >>> >>> Tenho duvidas aqui: >>> a) O fail2ban ativo poderia estar provovando esse problema? >>> >>> b) O iptables precisa estar habilitado na estacao? >>> >>> >>> >>> Estou quase desesperando e partindo para uma pane de hardware. De >>> qualquer forma vou tentar arrumar uma nova placa de rede! >>> >>> Em 2 de novembro de 2010 09:18, Ellington Santos <[email protected]> >>> escreveu: >>>> >>>> 2010/11/1 Alcir <[email protected]>: >>>> > Parece que a rota consertou-se. >>>> > >>>> > #route -n >>>> > Kernel IP routing table >>>> > Destination Gateway Genmask Flags Metric Ref >>>> > Use >>>> > Iface >>>> > 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 >>>> > 0 eth1 >>>> > 192.168.1.0 0.0.0.0 255.255.255.0 U 202 0 >>>> > 0 eth0 >>>> > 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 >>>> > 0 lo >>>> > 0.0.0.0 192.168.1.254 0.0.0.0 UG 202 0 >>>> > 0 eth0 >>>> > >>>> > >>>> > >>>> > Meu vi /etc/rc.local. Nothing!!! Tinhas falado antes em debugar... O >>>> > que >>>> > mais pode ser feito? >>>> > !/bin/sh >>>> > # >>>> > # /etc/rc.d/rc.local: Local system initialization script. >>>> > # >>>> > # Put any local startup commands in here. Also, if you have >>>> > # anything that needs to be run at shutdown time you can >>>> > # make an /etc/rc.d/rc.local_shutdown script and put those >>>> > # commands in there. >>>> > # BootSplash functions >>>> > . /etc/rc.d/rc.bootsplash >>>> > >>>> > >>>> > Em 1 de novembro de 2010 20:56, Ellington Santos >>>> > <[email protected]> >>>> > escreveu: >>>> >> >>>> >> 2010/11/1 Alcir <[email protected]>: >>>> >> > Desculpe o triplo post, mas reorganizei esses ips e sem sucesso. >>>> >> > Tento >>>> >> > dar >>>> >> > um ping da Estacao para o Servidor e nada! >>>> >> > >>>> >> > Reconfigurei o eth1 server para 192.168.2.1. >>>> >> > e a Estacao para 192.168.2.7 experimentando numa outra maquina. >>>> >> > >>>> >> > >>>> >> > -Saidas Servidor >>>> >> > server:/home/normal#route -n >>>> >> > Kernel IP routing table >>>> >> > Destination Gateway Genmask Flags Metric Ref >>>> >> > Use >>>> >> > Iface >>>> >> > 192.168.1.0 0.0.0.0 255.255.255.0 U 203 >>>> >> > 0 0 >>>> >> > eth0 >>>> >> > 192.168.110.0 0.0.0.0 255.255.255.0 U 0 >>>> >> > 0 0 >>>> >> > eth1 >>>> >> > 127.0.0.0 0.0.0.0 255.0.0.0 U 0 >>>> >> > 0 0 >>>> >> > lo >>>> >> > 0.0.0.0 192.168.1.254 0.0.0.0 UG 203 >>>> >> > 0 0 >>>> >> > eth0 >>>> >> > >>>> >> > #ping 192.168.2.7 >>>> >> > Destination host Unreachable >>>> >> > >>>> >> > #ping 8.8.8.8 >>>> >> > >>>> >> > 3 packets transmitted, 3 received, 0% packet loss, time 2001ms >>>> >> > rtt min/avg/max/mdev = 27.963/28.370/29.065/0.530 m >>>> >> > >>>> >> > #ping www.gmail.com >>>> >> > PING googlemail.l.google.com (64.233.163.83) 56(84) bytes of data. >>>> >> > 64 bytes from bs-in-f83.1e100.net (64.233.163.83): icmp_req=1 >>>> >> > ttl=55 >>>> >> > time=27.8 ms >>>> >> > 64 bytes from bs-in-f83.1e100.net (64.233.163.83): icmp_req=2 >>>> >> > ttl=55 >>>> >> > time=27.4 m >>>> >> > >>>> >> > #ping 192.168.2.7 >>>> >> > PING 192.168.2.7 (192.168.2.7) 56(84) bytes of data. >>>> >> > ^C >>>> >> > --- 192.168.2.7 ping statistics --- >>>> >> > 131 packets transmitted, 0 received, 100% packet loss, time >>>> >> > 129999ms >>>> >> > >>>> >> > Entrei com os comados >>>> >> > iptables -t nat -F >>>> >> > iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE >>>> >> > >>>> >> > >>>> >> > #vi /etc/rc.d/rc.inet1.conf >>>> >> > # Config information for eth0: >>>> >> > IPADDR[0]="" >>>> >> > NETMASK[0]="" >>>> >> > USE_DHCP[0]="yes" >>>> >> > DHCP_HOSTNAME[0]="" >>>> >> > >>>> >> > # Config information for eth1: >>>> >> > IPADDR[1]="192.168.2.1" >>>> >> > NETMASK[1]="255.255.255.0" >>>> >> > USE_DHCP[1]="" >>>> >> > DHCP_HOSTNAME[1]="" >>>> >> > # Default gateway IP address: >>>> >> > GATEWAY="" >>>> >> > >>>> >> > >>>> >> > >>>> >> > -Saidas da Estacao >>>> >> > >>>> >> > # Config information for eth0: >>>> >> > IPADDR[0]="192.168.2.7" >>>> >> > NETMASK[0]="255.255.255.0" >>>> >> > USE_DHCP[0]="" >>>> >> > DHCP_HOSTNAME[0]="" >>>> >> > >>>> >> > # Config information for eth1: >>>> >> > IPADDR[1]="" >>>> >> > NETMASK[1]="" >>>> >> > USE_DHCP[1]="" >>>> >> > DHCP_HOSTNAME[1]="" >>>> >> > # Default gateway IP address: >>>> >> > GATEWAY="192.168.2.1" >>>> >> > >>>> >> > >>>> >> > Nameserver: 200.149.55.140 so` estou usando o DNS prim`ario , pois >>>> >> > estou >>>> >> > configurando pelo netconfig >>>> >> > Em 1 de novembro de 2010 15:48, Alcir <[email protected]> >>>> >> > escreveu: >>>> >> >> >>>> >> >> Melhorando: >>>> >> >> >>>> >> >> E na workstation ? Atribui no Netconfig da Worstation o Gateway >>>> >> >> sendo o >>>> >> >> mesmo ip usado na eth1 do servidor ( 192.168.110.50) `e isso? >>>> >> >> Essa >>>> >> >> classe >>>> >> >> de ips fica correta >>>> >> >> >>>> >> >> Em 1 de novembro de 2010 15:36, Alcir <[email protected]> >>>> >> >> escreveu: >>>> >> >> Ellington Santos >>>> >> >> >>>> >> >> >Deixe o campo GATEWAY vazio, pois ele será populado pelo dhcp. >>>> >> >> >>>> >> >> E na workstation ? Atribui o mesmo ip usado na eth1 do servidor ( >>>> >> >> 192.168.110.50) `e isso? Essa classe de ips fica correta? >>>> >> >> >>>> >> >> Em 1 de novembro de 2010 15:36, Alcir <[email protected]> >>>> >> >> escreveu: >>>> >> >>> >>>> >> >>> Ellington Santos >>>> >> >>> >>>> >> >>> >Deixe o campo GATEWAY vazio, pois ele será populado pelo dhcp. >>>> >> >>> >>>> >> >>> E na workstation ? Atribui o mesmo ip usado na eth1 do servidor ( >>>> >> >>> 192.168.110.50) `e isso? Essa classe de ips fica correta? >>>> >> >>> >>>> >> >>> >>>> >> >>> >>>> >> >>> Em 31 de outubro de 2010 12:39, Guilherme Lima >>>> >> >>> <[email protected]> >>>> >> >>> escreveu: >>>> >> >>>> >>>> >> >>>> >>>> >> >>>> Em 30 de outubro de 2010 20:41, Alcir <[email protected]> >>>> >> >>>> escreveu: >>>> >> >>>>> >>>> >> >>>>> Guilherme, boa noite! >>>> >> >>>>> >>>> >> >>>> >>>> >> >>>> opa... bom dia! >>>> >> >>>> >>>> >> >>>> Então ... como vi abaixo sua eth0 e eth1 se encontram na mesma >>>> >> >>>> subrede >>>> >> >>>> 192.168.1.0, sugiro mudar a subrede de ip do modem >>>> >> >>>> (192.168.0.254 por >>>> >> >>>> exemplo) e adicionar na interface externa um ip da mesma rede. >>>> >> >>>> Caso >>>> >> >>>> não >>>> >> >>>> possa fazê-lo terá que trabalhar com bridge... desta forma o >>>> >> >>>> roteamento >>>> >> >>>> funcionará. >>>> >> >>>> >>>> >> >>>> >>>> >> >>>>> >>>> >> >>>>> >Caso persista informe. Sempre é bom tentar explicar seu >>>> >> >>>>> > procedimento. >>>> >> >>>>> > >Entendi mais lendo um e-mail raivoso que o calmo ... >>>> >> >>>>> > > hehehehehe >>>> >> >>>>> >>>> >> >>>>> >>>> >> >>>>> Realmente, o mail foi raivoso. Ja` passou! A mansidao e >>>> >> >>>>> humildade >>>> >> >>>>> sao >>>> >> >>>>> minha praia. E, com essa mesma humildade, informo-lhe que >>>> >> >>>>> segui >>>> >> >>>>> exatamente >>>> >> >>>>> AS SUAS dicas. >>>> >> >>>>> >>>> >> >>>>> Vou informar um pouco mais sobre a duvida do gateway que foi a >>>> >> >>>>> porta >>>> >> >>>>> desse problema, ok! >>>> >> >>>>> Continuo errando em algum ponto... Estou usando um modem >>>> >> >>>>> Thomsom em >>>> >> >>>>> Bridge, um switch Dlink DES-1024 e conectando na eth0 do >>>> >> >>>>> futuro >>>> >> >>>>> servidor >>>> >> >>>>> dinamicamente ( dhcp ). >>>> >> >>>>> Meus passos foram: >>>> >> >>>>> 1) Na eth1 ( rede interna ) do Servior fixei o ip em >>>> >> >>>>> 192.168.1.50 >>>> >> >>>>> atraves do >>>> >> >>>>> /etc/rc.d/rc.inet1.conf e subi o ifconfig eth1 192.168.1.50 up >>>> >> >>>>> , >>>> >> >>>>> deixando o Gateway vazio >>>> >> >>>>> >>>> >> >>>>> 2) ifconfig eht0 restart e eht1 d'ao: >>>> >> >>>>> Host name lookup failure >>>> >> >>>>> >>>> >> >>>>> 3) Na estacao rodei netconfig pondo o ip fixo 192.168.1.4 e o >>>> >> >>>>> Gateway >>>> >> >>>>> que esta amarrado na eth1 do Servidor ( 192.168.1.50 ). Entendi >>>> >> >>>>> que >>>> >> >>>>> essa >>>> >> >>>>> seria a forma de ver o servidor. >>>> >> >>>>> >>>> >> >>>>> 4) Rodei o etc/rc.d/rc.ip_forward dando permissao de execucao e >>>> >> >>>>> start >>>> >> >>>>> >>>> >> >>>>> 5) Tentei uma regrinha de iptables e nat em eth0. Aqui bolei, >>>> >> >>>>> pois >>>> >> >>>>> nao >>>> >> >>>>> consegui carregar: modprobe iptable_nat >>>> >> >>>>> >>>> >> >>>>> #iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE ( pus >>>> >> >>>>> eth0 por >>>> >> >>>>> ser a chegada da intenet ) >>>> >> >>>>> >>>> >> >>>>> Consigo pingar para eth1 ( 192.168.1.50 ) e para o google, mas >>>> >> >>>>> nunca >>>> >> >>>>> para a estacao com ip 192.168.1.4! >>>> >> >>>>> >>>> >> >>>>> O vi /etc/udev/rules.d/70- persistent-net.rules >>>> >> >>>>> mostra as duas placas ethernet com o MAC e o NAME >>>> >> >>>>> correspondentes. >>>> >> >>>>> >>>> >> >>>>> Apos segui os passos de: >>>> >> >>>>> >>>> >> >>>>> #route -n >>>> >> >>>>> Destination Gateway Genmask Flags Metric >>>> >> >>>>> Ref >>>> >> >>>>> Use >>>> >> >>>>> Iface >>>> >> >>>>> 192.168.1.0 0.0.0.0 255.255.255.0 U 202 >>>> >> >>>>> 0 0 >>>> >> >>>>> eth0 >>>> >> >>>>> 127.0.0.0 0.0.0.0 255.0.0.0 U 0 >>>> >> >>>>> 0 0 >>>> >> >>>>> lo >>>> >> >>>>> 0.0.0.0 192.168.1.254 0.0.0.0 UG 202 >>>> >> >>>>> 0 0 >>>> >> >>>>> eth0 >>>> >> >>>> >>>> >> >>>> Veja que a rota da eth1 não foi reconhecida.. pois se encontra >>>> >> >>>> no >>>> >> >>>> mesma >>>> >> >>>> subrede. Os pacotes saem, mas não voltam!.... =) >>>> >> >>>> Com certeza a primeira interface que voce configurou foi a eth0, >>>> >> >>>> por >>>> >> >>>> isso toda rota aponta pra ela. >>>> >> >>>> >>>> >> >>>> Para usar bridge use as configurações apresentadas no outro >>>> >> >>>> e-mail. >>>> >> >>>> Sugiro que tente não usar!.. >>>> >> >>>> >>>> >> >>>> =P >>>> >> >>>> >>>> >> >>>>> >>>> >> >>>>> e depois: >>>> >> >>>>> >>>> >> >>>>> route del default >>>> >> >>>>> route add defult eth0 >>>> >> >>>>> route del 192.168.1.50 e fiz um teste usando 192.168.1.254 >>>> >> >>>>> >>>> >> >>>>> Infelizmente ainda nao tenho bons resultados. : ( >>>> >> >>>>> >>>> >> >>>>> Mas, ja`grato pela ajuda de todos! >>>> >> >>>> >>>> >> >>>> Peço desculpas se fui mal (com "L" hehehehe) interpretado no >>>> >> >>>> e-mail >>>> >> >>>> inicial. =( >>>> >> >>>> >>>> >> >>>> Poste resultados. >>>> >> >>>> >>>> >> >>>> =D >>>> >> >>>>> >>>> >> >>>>> -- >>>> >> >>>>> GUS-BR - Grupo de Usuários de Slackware Brasil >>>> >> >>>>> http://www.slackwarebrasil.org/ >>>> >> >>>>> http://groups.google.com/group/slack-users-br >>>> >> >>>>> >>>> >> >>>>> Antes de perguntar: >>>> >> >>>>> http://www.istf.com.br/perguntas/ >>>> >> >>>>> >>>> >> >>>>> Para sair da lista envie um e-mail para: >>>> >> >>>>> [email protected] >>>> >> >>>> >>>> >> >>>> >>>> >> >>>> -- >>>> >> >>>> Guilherme de Lima Gontijo >>>> >> >>>> -- >>>> >> >>>> code green - network & it >>>> >> >>>> Econtec - www.econtecbrasil.com.br >>>> >> >>>> pQui Linux - www.pquilinux.org >>>> >> >>>> >>>> >> >>>> -- >>>> >> >>>> GUS-BR - Grupo de Usuários de Slackware Brasil >>>> >> >>>> http://www.slackwarebrasil.org/ >>>> >> >>>> http://groups.google.com/group/slack-users-br >>>> >> >>>> >>>> >> >>>> Antes de perguntar: >>>> >> >>>> http://www.istf.com.br/perguntas/ >>>> >> >>>> >>>> >> >>>> Para sair da lista envie um e-mail para: >>>> >> >>>> [email protected] >>>> >> >> >>>> >> > >>>> >> > -- >>>> >> > GUS-BR - Grupo de Usuários de Slackware Brasil >>>> >> > http://www.slackwarebrasil.org/ >>>> >> > http://groups.google.com/group/slack-users-br >>>> >> > >>>> >> > Antes de perguntar: >>>> >> > http://www.istf.com.br/perguntas/ >>>> >> > >>>> >> > Para sair da lista envie um e-mail para: >>>> >> > [email protected] >>>> >> >>>> >> Você tem uma rota maluca aí para a rede 192.168.110.0. Ela deve estar >>>> >> bagunçando tudo. E me parece q falta a saída da rede 192.168.2.0 pela >>>> >> eth1. >>>> >> Pelas configurações, parece que vc tem alguma opção perdida aí em >>>> >> algum >>>> >> lugar. >>>> >> Verifique se não ficou nada no rc.local e reboota a máquina para >>>> >> garantir que não ficou nada de configurações anteriores. >>>> >> >>>> >> -- >>>> >> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= >>>> >> >> necropresto - Slackware User << >>>> >> >> [email protected] << >>>> >> >> [email protected] << >>>> >> >>>> >> -- >>>> >> GUS-BR - Grupo de Usuários de Slackware Brasil >>>> >> http://www.slackwarebrasil.org/ >>>> >> http://groups.google.com/group/slack-users-br >>>> >> >>>> >> Antes de perguntar: >>>> >> http://www.istf.com.br/perguntas/ >>>> >> >>>> >> Para sair da lista envie um e-mail para: >>>> >> [email protected] >>>> > >>>> > -- >>>> > GUS-BR - Grupo de Usuários de Slackware Brasil >>>> > http://www.slackwarebrasil.org/ >>>> > http://groups.google.com/group/slack-users-br >>>> > >>>> > Antes de perguntar: >>>> > http://www.istf.com.br/perguntas/ >>>> > >>>> > Para sair da lista envie um e-mail para: >>>> > [email protected] >>>> >>>> Agora o ping deve funcionar. Antes, ele achava que a saída pela eth1 >>>> era da rede 192.168.110.0: >>>> >>>> 192.168.110.0 0.0.0.0 255.255.255.0 U 0 0 0 >>>> eth1 >>>> >>>> Agora quem saí pela eth1 é a rede certa: >>>> 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 >>>> eth1 >>>> >>>> Testa de novo os pings e tudo mais. >>>> >>>> >>>> -- >>>> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= >>>> >> necropresto - Slackware User << >>>> >> [email protected] << >>>> >> [email protected] << >>>> >>>> -- >>>> GUS-BR - Grupo de Usuários de Slackware Brasil >>>> http://www.slackwarebrasil.org/ >>>> http://groups.google.com/group/slack-users-br >>>> >>>> Antes de perguntar: >>>> http://www.istf.com.br/perguntas/ >>>> >>>> Para sair da lista envie um e-mail para: >>>> [email protected] >>> >> > > -- > GUS-BR - Grupo de Usuários de Slackware Brasil > http://www.slackwarebrasil.org/ > http://groups.google.com/group/slack-users-br > > Antes de perguntar: > http://www.istf.com.br/perguntas/ > > Para sair da lista envie um e-mail para: > [email protected]
Cola aqui a saída dos comandos: iptables -L iptables -t nat -L cat /proc/sys/net/ipv4/ip_forward -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= >> necropresto - Slackware User << >> [email protected] << >> [email protected] << -- GUS-BR - Grupo de Usuários de Slackware Brasil http://www.slackwarebrasil.org/ http://groups.google.com/group/slack-users-br Antes de perguntar: http://www.istf.com.br/perguntas/ Para sair da lista envie um e-mail para: [email protected]
