On Mon, 2004-06-07 at 15:25, Leendert Meyer wrote:
On Monday 07 June 2004 11:26, Ulrich Leopold wrote:
On Mon, 2004-06-07 at 09:59, Leendert Meyer wrote:
On Monday 07 June 2004 08:29, Ulrich Leopold wrote:
On Mon, 2004-06-07 at 03:03, Leendert Meyer wrote:
BTW, can you setup a static ip# on the client?
When I log in from the client on the server via ssh it works with a static ip#. But nothing else.
Not even ping? Ping host -> client, ping client -> host? ... Now I do not know what is wrong?
Ping works with static address and dynamic address. ssh works also with both.
Huh? :)) So the dhcp setup works already?! Great.
Then we can move on to the firewall. Use YaST -> Security -> Firewall. I included some variables from /etc/sysconfig/SuSEfirewall2, but YaST should set them up allright. They are in case of trouble to compare against.
The following variables matter for SuSEfirewall2
*** For the server:
FW_DEV_EXT="eth-id-xx:xx:xx:xx:xx:xx" FW_DEV_INT="eth-id-yy:yy:yy:yy:yy:yy" FW_ROUTE="yes" FW_MASQUERADE="yes" FW_MASQ_NETS="0/0" FW_PROTECT_FROM_INTERNAL="no" FW_SERVICE_AUTODETECT="yes"
FW_SERVICE_AUTODETECT="yes": means the firewall should detect some services, e.g. dhcp server, and enable them automatically.
Start YaST -> Security -> Firewall:
*) select the external and internal interfaces ifconfig shows the mac address (hw addr) that is used to distinguish eth devices
*) perhaps enable/disable some services (does not matter)
*) Firewall features: [x] Forward traffic and do masquerading [ ] Protect from internal network I believe these do not matter ATM: [x] Protect all running services [x] Allow traceroute [ ] Treat IPsec traffic as internal
*) Logging options: Your choice. Default is good.
*** For the client:
basic settings should be *fine*. Perhaps only set the external interface
FW_DEV_EXT="eth-id-zz:zz:zz:zz:zz:zz"
That should get you on the net.
Ok. I have all these options checked. It should work now. But it does not. I have the feeling that the problem is in the transmission on teh server of input from eth1 (dhcpd-server, internal device) to eth0 (dhcp-client to the internet, external device). Maybe the router configuration doe snot match? I configured this as default=192.168.01 and IP forwarding. In addition when I boot now the computer I get martian sources from my ISP somewhere which "blocks" the internet. Is this due to running and detecting a dhcpd-server? I am getting a bit lost I must say. I have been configuring and trying so much that I might have screwed something up now (?). Anyway, I woudl be gratful for further suggestions how to detect the flow from eth1 to eth0. Cheers, Ulrich