Mailinglist Archive: opensuse (3349 mails)

< Previous Next >
Re: [SLE] Internal LAN cannot reach the wild Internet
  • From: Ronald Wiplinger <ronald@xxxxxxxxx>
  • Date: Wed, 18 May 2005 01:22:22 +0800
  • Message-id: <428A284E.1040300@xxxxxxxxx>
Ken Schneider wrote:

On Wed, 2005-05-18 at 00:46 +0800, Ronald Wiplinger wrote:

Ken Schneider wrote:


On Wed, 2005-05-18 at 00:28 +0800, Ronald Wiplinger wrote:





How do you connect to the internet? It looks like you are using a public
address on eth1 which I am not sure is appropriate. I would expect a
ppp0 or adsl0(?) interface which connects to the internet through your
ISP.




The public IP is correct. The machine is really on the "wild Internet"


bye

Ronald


Again, how do you connect to the internet?, my crystal ball is broken.
There has to be some device you plug into, unless your ISP ran a
v e r y l o n g cat 5 cable to your place.


Your crystal ball is not brocken, ... I DO have fix public IP addresses here, ... if you see it as a LONG cat 5 cable or a fiber is not important.

eth1 is connected to the Internet, eth0 is connected to the LAN

sharing with /etc/sysconfig/network/ifcfg-xxxx and route files would help to recognize the problem

also send your SuSEfirewall2 rules and other related files

ping on server works?



# cat ifcfg-eth0
BOOTPROTO='static'
BROADCAST='192.168.1.255'
IPADDR='192.168.1.254'
MTU=''
NETMASK='255.255.255.0'
NETWORK='192.168.1.0'
REMOTE_IPADDR=''
STARTMODE='auto'
USERCONTROL='no'
_nm_name='static-0'

# cat ifcfg-eth-id-00\:0f\:ea\:8d\:43\:a9
BOOTPROTO='static'
BROADCAST='61.220.121.255'
IPADDR='61.220.121.21'
MTU=''
NETMASK='255.255.255.0'
NETWORK='61.220.121.0'
REMOTE_IPADDR=''
STARTMODE='auto'
UNIQUE='B35A.CrrGZ_ENih8'
USERCONTROL='no'
_nm_name='bus-pci-0000:02:00.0'

# cat routes
default 61.220.121.17 - -

# grep -v ^# SuSEfirewall2

FW_QUICKMODE="no"
FW_DEV_EXT="eth-id-00:0f:ea:8d:43:a9"
FW_DEV_INT="eth0"
FW_DEV_DMZ=""
FW_ROUTE="yes"
FW_MASQUERADE="yes"
FW_MASQ_DEV="$FW_DEV_EXT"
FW_MASQ_NETS="0/0"
FW_PROTECT_FROM_INTERNAL="no"
FW_AUTOPROTECT_SERVICES="no"
FW_SERVICES_EXT_TCP="5801 5901 80 domain http https imap imaps pop3 pop3s smtp ssh netbios-ns netbios-dgm netbios-ssn microsoft-ds"
FW_SERVICES_EXT_UDP="domain bootps"
FW_SERVICES_EXT_IP=""
FW_SERVICES_EXT_RPC=""
FW_SERVICES_DMZ_TCP="80"
FW_SERVICES_DMZ_UDP=""
FW_SERVICES_DMZ_IP=""
FW_SERVICES_DMZ_RPC=""
FW_SERVICES_INT_TCP="80"
FW_SERVICES_INT_UDP=""
FW_SERVICES_INT_IP=""
FW_SERVICES_INT_RPC=""
FW_SERVICES_DROP_EXT=""
FW_SERVICES_REJECT_EXT="0/0,tcp,113"
FW_SERVICES_QUICK_TCP=""
FW_SERVICES_QUICK_UDP=""
FW_SERVICES_QUICK_IP=""
FW_TRUSTED_NETS=""
FW_ALLOW_INCOMING_HIGHPORTS_TCP=""
FW_ALLOW_INCOMING_HIGHPORTS_UDP=""
FW_FORWARD=""
FW_FORWARD_MASQ=""
FW_REDIRECT=""
FW_LOG_DROP_CRIT="yes"
FW_LOG_DROP_ALL="no"
FW_LOG_ACCEPT_CRIT="yes"
FW_LOG_ACCEPT_ALL="no"
FW_LOG_LIMIT=""
FW_LOG=""
FW_KERNEL_SECURITY="yes"
FW_ANTISPOOF="no"
FW_STOP_KEEP_ROUTING_STATE="no"
FW_ALLOW_PING_FW="yes"
FW_ALLOW_PING_DMZ="no"
FW_ALLOW_PING_EXT="no"
FW_ALLOW_FW_TRACEROUTE="yes"
FW_ALLOW_FW_SOURCEQUENCH="yes"
FW_ALLOW_FW_BROADCAST="int"
FW_IGNORE_FW_BROADCAST="no"
FW_ALLOW_CLASS_ROUTING="no"
FW_CUSTOMRULES=""
FW_REJECT="no"
FW_HTB_TUNE_DEV=""
FW_IPv6=""
FW_IPv6_REJECT_OUTGOING="yes"
FW_IPSEC_TRUST="no"



Any good news ;-)


bye

Ronald


< Previous Next >