[Tfug] OpenBSD Firewall
Charles Kiss
charlesrkiss at hotmail.com
Thu Jun 3 10:39:30 MST 2004
Well, I thought I'd throw in the relevant files: the only pinging that is a
problem is via the crossover cable, the "host" command works fine on the
firewall, but I do get a "/bsd: ne1: device timeout" error on the ne1
(inward facing card) from the firewall (which makes me pause). It might no
longer have an IRQ number (which is supposed to be 10), ever since I've
constructed the bridge with ne3, and then deleted it, but I can ping ne1
from the firewall[FW], but I can't ping it from the workstation[WS]. Can
someone review the routing tables and config files, and let me know where the
errors are:
Physical SetUp:
                                                          192.168.1.1              dynamic
[WS 2] eth0 ------------- ne1 [Firewall] ne3 ---------------[Router]---------------[Modem]-------{internet}
                                                               |
192.168.1.103             :102           :101                  |
                                                             [WS 1]
                                                         192.168.1.100
[WS 2] /etc/network/interfaces file:
# /etc/network/interfaces -- configuration file for ifup(8), ifdown(8)
# The loopback interface
auto lo
iface lo inet loopback
# The first network card - this entry was created during the Debian installation
auto eth0
iface eth0 inet static [I added the word static here, and filled in the addresses]
address 192.198.1.103
netmask 255.255.255.255
gateway 192.168.1.102
[WS 2] Ifconfig :
eth0 Link encap:Ethernet HWaddr XX:XX:XX:XX:XX:XX
inet addr:192.168.1.103 Bcast:192.168.1.255 Mask:255.255.255.255
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:2276 errors:0 dropped:0 overruns:0 carrier:2276
collisions:0
RX bytes:0 (0.0 b) TX bytes:598868 (584.8 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:379 errors:0 dropped:0 overruns:0 frame:0
TX packets:379 errors:0 dropped:0 overruns:0 carrier:0
collisions:0
RX bytes:32580 (31.8 KiB) TX bytes:32580 (31.8 KiB)
[WS 2] route:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.103   house           255.255.255.255 UGH   0      0        0 lo
house           house           255.255.255.255 UGH   0      0        0 lo
192.168.1.0     192.168.1.103   255.255.255.0   UG    0      0        0 eth0
default         192.168.1.102   0.0.0.0         UG    0      0        0 eth0
[WS 2] arp
? (192.168.1.102) at "hardware address of workstation" [ether] PERM on eth0
[FW] ifconfig:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33224
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
ne1: flags=8863<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST> mtu 1500
address: sorry:guys media: Ethernet manual
inet6 xx:xx:xx:xx:xx:xx ne1 prefixlen 64 scopeid 0x1
inet 192.168.1.102 netmask 0xffffff00 broadcast 192.168.1.255
ne3: flags=8863<UP,BROADCAST,NOTRAILERS,RUNNING,SIMPLEX,MULTICAST> mtu 1500
address: XX:XX:XX:XX:XX
media: Ethernet manual
inet6 XX:XX:XX:XX:XX:XX ne3 prefixlen 64 scopeid 0x2
inet 192.168.1.101 netmask 0xffffff00 broadcast 192.168.1.255
pflog0: flags=141<UP,RUNNING,PROMISC> mtu 33224
pfsync0: flags=0<> mtu 2020
enc0: flags=0<> mtu 1536
[FW] Routing tables:
Internet:
Destination Gateway Flags
default 192.168.1.1 UG
127.0.0.0 127.0.0.1 UG
localhost 127.0.0.1 UH
192.168.1.0 link#2 U
192.168.1.1 "blah:blah:blah" UH
192.168.1.101 127.0.0.1 UGH
192.168.1.102 127.0.0.1 UGH
192.168.1.103 192.168.1.102 UGH
BASE-ADDRESS.MCA 127.0.0.1 U
[FW] arp -a
? (192.168.1.1) at "hardware address of router" on ne3
Super Thanks,
charles
ps. the weather here is the same: less hot than over there.
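
A consistency check over the values posted above, as an added example that is not part of the original message: it tests whether the [WS 2] gateway is on-link for the configured address and netmask, whether the file address matches the running one, and whether the two [FW] interfaces share a subnet. The function names are hypothetical; the addresses are copied from the post.

```python
import ipaddress
from itertools import combinations

# Copied from the post: [WS 2] /etc/network/interfaces stanza for eth0.
WS2_STANZA = """\
iface eth0 inet static
address 192.198.1.103
netmask 255.255.255.255
gateway 192.168.1.102
"""
WS2_RUNNING_ADDR = "192.168.1.103"   # "inet addr" in the [WS 2] ifconfig output
# Copied from the post: [FW] ifconfig (interface, inet, hex netmask).
FW_IFACES = [("ne1", "192.168.1.102", "0xffffff00"),
             ("ne3", "192.168.1.101", "0xffffff00")]

def parse_stanza(text):
    """Return {option: value} for one Debian 'iface' stanza."""
    opts = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            key, _, value = line.partition(" ")
            opts[key] = value.strip()
    return opts

def check_static(opts, running_addr=None):
    """Flag a file/runtime address mismatch and a gateway that is not on-link."""
    iface = ipaddress.ip_interface(f"{opts['address']}/{opts['netmask']}")
    findings = []
    if running_addr and ipaddress.ip_address(running_addr) != iface.ip:
        findings.append(f"file address {iface.ip} != running address {running_addr}")
    gateway = ipaddress.ip_address(opts["gateway"])
    if gateway not in iface.network:
        findings.append(f"gateway {gateway} is outside {iface.network} (not on-link)")
    return findings

def overlapping(ifaces):
    """Return (if_a, if_b, network) for interface pairs whose subnets overlap."""
    nets = []
    for name, addr, hexmask in ifaces:
        mask = ipaddress.ip_address(int(hexmask, 16))   # 0xffffff00 -> 255.255.255.0
        nets.append((name, ipaddress.ip_interface(f"{addr}/{mask}").network))
    return [(a, b, str(na)) for (a, na), (b, nb) in combinations(nets, 2)
            if na.overlaps(nb)]

if __name__ == "__main__":
    for finding in check_static(parse_stanza(WS2_STANZA), WS2_RUNNING_ADDR):
        print("[WS 2]", finding)
    for a, b, net in overlapping(FW_IFACES):
        print(f"[FW] {a} and {b} are both configured in {net}")
```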