Mailinglist Archive: opensuse (1885 mails)

Re: [opensuse] samba ports and SuSEfirewall2
  • From: lynn <lynn@xxxxxxxxxxxx>
  • Date: Wed, 8 Apr 2009 13:37:45 +0200
  • Message-id: <200904081337.45342.lynn@xxxxxxxxxxxx>
On Wednesday 08 April 2009 11:00:28 Rodney Baker wrote:
On Wed, 8 Apr 2009 17:15:06 lynn wrote:
FWIW, the NAS uses BusyBox Linux. Not sure if I can ask questions
about that here.

Try to see with Wireshark (ex Ethereal). It is included in distro and
even in very simple configuration can tell you what is wrong.

Hi here is the wireshark output. Any idea what it means? If you have a
minute? I've no idea!

http://sierraberniaschool.com/lynn.txt

L x

Lynn,

Either the firewall is blocking broadcasts from outside (the NAS side) to
inside (the server side) or it is blocking outgoing netbios packets. The
NAS box is trying to do a netbios name query to determine the address of
the server - it is then getting no response so it tries a DNS query (which
goes to your ISP's DNS, which probably doesn't know where your server is
anyway, since it is on your internal network).

The NAS box then tries to force a browser election by claiming to be the
master browser for your network (your server 192.168.1.3 probably should be
the master browser). Apart from DNS, nowhere do I see the server responding
to the netbios name queries and (as Rajko noted elsewhere) your trace
finishes before the browser election is completed.

Does your ADSL router have a built-in firewall? If so, can I suggest that
you enable that and turn off Suse Firewall? That's how I run my network - I
have in fact 2 routers between the network and the outside world - a
wireless router/switch inside the network which talks to the DSL/VoIP
modem/router that is the interface to outside. Both of these devices have
firewalls enabled (probably a bit over the top - one would do) so I don't
bother with the software firewall (SuSE Firewall) on the server and all
Windoze boxes have their Windoze firewall turned off too.

That way, all machines talking to the server are inside the firewall and I
don't have to worry about access problems between machines (it also helps
that I'm the only user, apart from the wife very occasionally).

HTH.

Rodney.

Phew. Thanks for taking all that time Rodney. Yes. The adsl router does have a
firewall. It's a good idea if SuSEfirewall2 doesn't work. It has these
options:

Enable DOS and Portscan Protection :
SYN attack :
FIN/URG/PSH attack :
Ping Attack :
Xmas Tree attack :
TCP reset attack :
Null scanning attack :
Ping of Death attack :
SYN/RST SYN/FIN attack :

Which would you suggest setting to 'yes' bearing in mind that my NAS runs a
bittorrent client (ctorrent with dctcs).

There's also NAT which I've no ports forwarded except ALG as follows (the
D-Link default I think):

PPTP :
IPSec (VPN Passthrough) :
RTSP (Online Video Streaming) :
Windows/MSN Messenger : (automatically disabled if UPnP is enabled)
FTP :
H.323 (Video Conferencing) :
SIP :

Isn't just NAT good enough for what I want to do? Listen to mp3's and avi's I
have on my laptop? If no one can connect to me from the outside then I'm OK
internally on the lan no?

Cheers, L x
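
An added example, not part of the original message: a small check for the symptom Rodney describes, NetBIOS name queries on UDP port 137 that never receive a response. The NAS and laptop addresses, host names and transaction IDs below are constructed for illustration.

```python
import struct

def encode_nb_name(name, suffix=0x20):
    """RFC 1001 first-level encoding: 15 padded chars + suffix, two letters per byte."""
    raw = name.upper().ljust(15)[:15].encode("ascii") + bytes([suffix])
    enc = bytes(b for c in raw for b in ((c >> 4) + 0x41, (c & 0x0F) + 0x41))
    return b"\x20" + enc + b"\x00"

def decode_nb_name(field):
    """Inverse of encode_nb_name; returns (name, suffix)."""
    enc = field[1:33]
    raw = bytes(((enc[i] - 0x41) << 4) | (enc[i + 1] - 0x41) for i in range(0, 32, 2))
    return raw[:15].decode("ascii").rstrip(), raw[15]

def build_query(txid, name):
    # Flags 0x0110: standard query, recursion desired, broadcast.
    head = struct.pack(">HHHHHH", txid, 0x0110, 1, 0, 0, 0)
    return head + encode_nb_name(name) + struct.pack(">HH", 0x0020, 0x0001)

def build_response(txid, name, ip):
    # Flags 0x8500: response, authoritative, recursion desired.
    head = struct.pack(">HHHHHH", txid, 0x8500, 0, 1, 0, 0)
    rr = encode_nb_name(name) + struct.pack(">HHIHH", 0x0020, 0x0001, 300, 6, 0)
    return head + rr + bytes(int(o) for o in ip.split("."))

def unanswered_queries(datagrams):
    """datagrams: (src_ip, dst_ip, udp_payload) seen on UDP port 137, in order."""
    pending = {}
    for src, _dst, payload in datagrams:
        txid, flags = struct.unpack(">HH", payload[:4])
        name, suffix = decode_nb_name(payload[12:46])
        if flags & 0x8000:                    # response bit set: query was answered
            pending.pop((txid, name), None)
        else:                                 # a retry with the same ID overwrites
            pending[(txid, name)] = (src, name, suffix)
    return sorted(pending.values())

# Constructed capture: the NAS asks three times for SERVER and hears nothing,
# while its query for LAPTOP is answered.
NAS, LAPTOP, BCAST = "192.168.1.50", "192.168.1.20", "192.168.1.255"
SAMPLE = [
    (NAS, BCAST, build_query(0x1001, "SERVER")),
    (NAS, BCAST, build_query(0x1001, "SERVER")),
    (NAS, BCAST, build_query(0x2002, "LAPTOP")),
    (LAPTOP, NAS, build_response(0x2002, "LAPTOP", LAPTOP)),
    (NAS, BCAST, build_query(0x1001, "SERVER")),
]

if __name__ == "__main__":
    for src, name, suffix in unanswered_queries(SAMPLE):
        print(f"{src} asked for {name}<{suffix:02x}> and got no reply")
```

If the same query appears unanswered in a capture taken on the server itself, the broadcast is reaching the machine and the reply is being dropped locally, which points at the host firewall rather than the NAS.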

