Howdy -- I was (mostly blindly and dumbly) playing around with ipchains
trying to create a simple firewall on my ADSL connection and I did myself a
bad thing 8^( and also left my system in a state which confuses the heck out
of me). I'm running a stock RH 6.2 distro. I'm running the roaring penquin
1.9 pppoe software also. All my interfaces are receving packets fine but not
transmitting any. According to ifconfig my net ifaces are:
lo Link encap:Local Loopback
inet addr:127.0.0.1 Bcast:127.255.255.255 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:3924 Metric:1
RX packets:2000 errors:28 dropped:0 overruns:0
TX packets:0 errors:0 dropped:0 overruns:2000
eth0 Link encap:10Mbps Ethernet HWaddr 00:60:08:2A:D2:24
inet addr:192.168.0.5 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:110197 errors:1754 dropped:0 overruns:0
TX packets:0 errors:0 dropped:0 overruns:184281
Interrupt:11 Base address:0xe8c0
ppp0 Link encap:Point-Point Protocol
inet addr:216.107.60.204 P-t-P:216.107.60.6 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1524 Metric:1
RX packets:379 errors:10 dropped:0 overruns:0
TX packets:0 errors:0 dropped:0 overruns:347
ppp1 Link encap:Point-Point Protocol
inet addr:141.150.41.165 P-t-P:10.5.2.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
RX packets:33058 errors:206 dropped:0 overruns:0
TX packets:0 errors:0 dropped:0 overruns:11964
ppp0 is an analog connection and ppp1 is the DSL. What's twisting my mind is
that everything still works, meaning that I use a dyndns service and I can
ftp, telnet, www, pop3 via the ppp1 interface via my domain with no
troubles. ppp1 is the default route/gateway. If no packets are traveling out
over ppp1 HOW THE HELL can i get e-mail, browse, ftp, etc on my box from
other boxen??...I must have absolutely no clue about how packets/networking
work!? I got rid of any of the firewall stuff I was playing with an have a
simple
masquerading bit in rc.local now as I have a few machines using this boxen
as gateway to the inet.
ipchains -P forward -i DENY
ipchains -A forward -i ppp1 -j MASQ
echo 1 > /proc/sys/net/ipv4/ip_forward
Just temporary of course. I've been looking around all day trying to figure
how this is and how I can get rid of the overruns and have the ifaces
actually send packets. Any clue would be helpful...embarass me, at this
point humility becomes me.
Regards and TIA,
Mike Wafkowski
==========================================
As a computer, I find your faith in technology amusing.
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
