Date: Tue, 14 Nov 2000 20:55:07 -0800 (PST)
From: "S.Toms"
Date: Tue, 14 Nov 2000 21:44:59 -0800 (PST)
From: "S.Toms"
Date: Wed, 15 Nov 2000 11:20:42 -0600 (CST)
From: Adi Gadwale
Just recently, yesterday, verizon went off line for a while. Anyway, when they came back online I couldn't get the dhclient to grab an address, both cards could talk to the internal if I switched around the config settings to swap the cards but no matter what, I couldn't get an address through dhclient. After disabling the firewall, which has worked fine since versions 6.3, I was able to grab an address without any problems, re-enabling the firewall and restarting again would again nolonger grab an address with dhclient. The only work around I can come up with is to disable the firewall, restart the computer (which then grabs an address) then re-enable the firewall and manually start it. Does anyone have any similar problems, any ideas what could be causing a perfectly working firewall/router to all of a sudden cease working properly on boot up?
-- S.Toms - tomas@primenet.com - www.primenet.com/~tomas SuSE Linux v7.0+ - Kernel 2.2.17
"But officer, I was only trying to gain enough speed so I could coast to the nearest gas station."
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
Date: Wed, 15 Nov 2000 12:41:03 -0500
From: Damon Register
I have always had problems similar to this. The solution I came up with was to use the firewall that came with Roaring Penguin PPPOE rather than enable the SuSE firewall.
On Tue, 14 Nov 2000, S.Toms wrote:
Just recently, yesterday, verizon went off line for a while. Anyway, when they came back online I couldn't get the dhclient to grab an address, both cards could talk to the internal if I switched around the config settings to swap the cards but no matter what, I couldn't get an address through dhclient.
If this is what I think it is, there is no need to scrap the SuSE firewall. This seems very much like the problem I had some time ago and had a difficult time solving. I found just like you S. Toms that I could get a lease by disabling the firewall but then when the firewall is on, I could not get a lease. The problem was that the firewall was preventing my ISP's dhcp acknowledge from coming back to my system so the lease always failed. The failure involved ICMP and I found that in order to get dhcp to work with my ISP, I have to edit /etc/rc.config.d/firewall.rc.config and change item 17 to be FW_KERNEL_SECURITY="no" and then leases would work just fine. Would you please let me know if this works for you? Damon Register
Date: Wed, 15 Nov 2000 20:29:20 -0800 (PST)
From: "S.Toms"
Date: Thu, 16 Nov 2000 09:35:18 -0500
From: Damon Register
Well, it seemed to solve the problem. Then I switched it back to see Then almost certainly it is the same problem I had. It seems that FW_KERNEL_SECURITY="yes" is incompatible with DHCP ISPs.
what would happen and it started working again. So now I'm not sure what happened, but it now gives me something to try if it happens again. Any I found that was the case for me too. It will work for a while until the lease expires and your system tries to get a new lease. You will find that it will work for maybe a day or more depending on how long the lease is good and then it will die.
idea what kind of security risks setting it to no and leaving it will cause? This I can't answer but I would like to know. Can you answer that one Lenz (or anyone else from SuSE)?
Damon Register
participants (3)
-
adi@gadwale.com -
damon.w.register@lmco.com -
tomas@primenet.com