[opensuse] Problems with Samba and ip_forwarding with 11.2
Guys, Not sure what is going on with my new openSUSE 11.2 install, but I am unable to use my server any more as a router. I have checked and ip_forward is on, but not of my boxes are able to get out. I have searched the opensuse forms and I see that I have all the settings that everyone recommends but still no access. They other thing samba as stopped working altogether. Is these two things really that bad in 11.2? -- ----------------------------------------- Discover it! Enjoy it! Share it! openSUSE Linux. ----------------------------------------- openSUSE -- en.opensuse.org/User:Terrorpup openSUSE Ambassador/openSUSE Member skype,twiiter,identica,friendfeed -- terrorpup freenode(irc) --terrorpup/lupinstein Have you tried SUSE Studio? Need to create a Live CD, an app you want to package and distribute , or create your own linux distro. Give SUSE Studio a try. www.susestudio.com. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2010-05-16 19:22, Chuck Payne wrote:
Guys,
Not sure what is going on with my new openSUSE 11.2 install, but I am unable to use my server any more as a router. I have checked and ip_forward is on, but not of my boxes are able to get out. I have searched the opensuse forms and I see that I have all the settings that everyone recommends but still no access.
You will have to describe your configuration with some detail: crystal balls are quite unreliable nowdays. AFAIK, you only need to change a few things in the susefirewall file, it is really easy.
Is these two things really that bad in 11.2?
Not to my knowledge. - -- Cheers / Saludos, Carlos E. R. (from 11.2 x86_64 "Emerald" GM (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/ iF4EAREIAAYFAkvwM94ACgkQja8UbcUWM1xuoQD+Ik6w8nK0x2n2FYsV0Uyiiv/o DuYY8wTyRIzuyJYT5y4A/3xmwei3eyoR1h+NZbX/uDCJHR5PF1dFwS0ZY3a4A3Fu =CLHv -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 05/16/2010 01:05 PM, Carlos E. R. wrote:
On 2010-05-16 19:22, Chuck Payne wrote:
Guys,
Not sure what is going on with my new openSUSE 11.2 install, but I am unable to use my server any more as a router. I have checked and ip_forward is on, but not of my boxes are able to get out. I have searched the opensuse forms and I see that I have all the settings that everyone recommends but still no access.
You will have to describe your configuration with some detail: crystal balls are quite unreliable nowdays. AFAIK, you only need to change a few things in the susefirewall file, it is really easy.
Is these two things really that bad in 11.2?
Not to my knowledge.
Chuck, Yes, please describe your setup. ASCII drawings work fine. I don't know about 11.2, but from 11.0 on, I have been unable to get IP forwarding to work with the old "dial-in-server" config, using ppp to handle 'inbound' modem connections to act as your own 'dial-up' server. Up to 10.2, 10.3 worked fine. 11.0 on, ppp no longer talked tcp over the routes for some reason. Not saying that is your problem, but maybe it figures into what you are doing. We'll know when we get your setup. -- David C. Rankin, J.D.,P.E. Rankin Law Firm, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 Telephone: (936) 715-9333 Facsimile: (936) 715-9339 www.rankinlawfirm.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Sun, May 16, 2010 at 11:15 PM, David C. Rankin <drankinatty@suddenlinkmail.com> wrote:
On 05/16/2010 01:05 PM, Carlos E. R. wrote:
On 2010-05-16 19:22, Chuck Payne wrote:
Guys,
Not sure what is going on with my new openSUSE 11.2 install, but I am unable to use my server any more as a router. I have checked and ip_forward is on, but not of my boxes are able to get out. I have searched the opensuse forms and I see that I have all the settings that everyone recommends but still no access.
You will have to describe your configuration with some detail: crystal balls are quite unreliable nowdays. AFAIK, you only need to change a few things in the susefirewall file, it is really easy.
Is these two things really that bad in 11.2?
Not to my knowledge.
Chuck,
Yes, please describe your setup. ASCII drawings work fine. I don't know about 11.2, but from 11.0 on, I have been unable to get IP forwarding to work with the old "dial-in-server" config, using ppp to handle 'inbound' modem connections to act as your own 'dial-up' server. Up to 10.2, 10.3 worked fine. 11.0 on, ppp no longer talked tcp over the routes for some reason.
Not saying that is your problem, but maybe it figures into what you are doing. We'll know when we get your setup.
-- David C. Rankin, J.D.,P.E. Rankin Law Firm, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 Telephone: (936) 715-9333 Facsimile: (936) 715-9339 www.rankinlawfirm.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Ok, I will try to make this painless for everyone. I have two nic in my box. Since SuSE 5.3 to openSUSE 11.1 I have this set up wher eth0 is extranal and eth1 is internal. eth0 is the default gw. I have dhcp running and given out ip on eth1, with eth1 as the default ip for dhcp. I have check, and the ip forware is checked on the router tab. Below are the network config. I have a backup of my 11.1 /etc dir and I have checked and most of the same settings, expect I had to turn off ipv6, because the :::1 (localhost) was killing postfix. By the way, I am not running the firewall until I can figure this out, so I have no iptables rules loaded. Below are my config files...if there something else I need to post let me know. By the way, Samba is working which is cool. Linux magi 2.6.31.12-0.2-desktop #1 SMP PREEMPT 2010-03-16 21:25:39 +0100 x86_64 x86_64 x86_64 GNU/Linux ifconfig eth0 Link encap:Ethernet HWaddr 00:90:27:43:F1:7A inet addr:216.74.78.18 Bcast:216.74.78.31 Mask:255.255.255.240 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:327832 errors:0 dropped:0 overruns:0 frame:0 TX packets:200950 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:46205008 (44.0 Mb) TX bytes:41369433 (39.4 Mb) eth1 Link encap:Ethernet HWaddr 6C:F0:49:E1:96:2E inet addr:192.168.105.2 Bcast:192.168.105.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:186378 errors:0 dropped:0 overruns:0 frame:0 TX packets:32907 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:27859254 (26.5 Mb) TX bytes:19142247 (18.2 Mb) Interrupt:30 oute Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 216.74.78.18 * 255.255.255.240 U 0 0 0 eth0 192.168.105.0 * 255.255.255.0 U 0 0 0 eth1 link-local * 255.255.0.0 U 0 0 0 eth0 loopback * 255.0.0.0 U 0 0 0 lo default 216.74.78.17 0.0.0.0 UG 0 0 0 eth0 etc/sysconfig/network/routes default 216.74.74.17 - - # Disable response to broadcasts. # You don't want yourself becoming a Smurf amplifier. net.ipv4.icmp_echo_ignore_broadcasts = 1 # enable route verification on all interfaces0># Disable response to broadcasts. # You don't want yourself becoming a Smurf amplifier. net.ipv4.icmp_echo_ignore_broadcasts = 1 # enable route verification on all interfaces net.ipv4.conf.all.rp_filter = 1 net.ipv4.ip_forward = 1 # enable ipV6 forwarding #net.ipv6.conf.all.forwarding = 1 # increase the number of possible inotify(7) watches fs.inotify.max_user_watches = 65536 #avoid deleting secondary IPs on deleting the primary IP net.ipv4.conf.default.promote_secondaries = 1 net.ipv4.conf.all.promote_secondaries = 1 net.ipv6.conf.all.disable_ipv6 = 1 cat /proc/sys/net/ipv4/ip_forward 1 dhcp.conf option domain-name "magidesign.com"; option domain-name-servers 216.74.87.25, 216.74.64.201; option routers 192.168.105.2; option netbios-name-servers 192.168.105.2; ddns-update-style none; default-lease-time 17280000; subnet 192.168.105.0 netmask 255.255.255.0 { range dynamic-bootp 192.168.105.32 192.168.105.64; default-lease-time 345600; max-lease-time 1036800; -- ----------------------------------------- Discover it! Enjoy it! Share it! openSUSE Linux. ----------------------------------------- openSUSE -- en.opensuse.org/User:Terrorpup openSUSE Ambassador/openSUSE Member skype,twiiter,identica,friendfeed -- terrorpup freenode(irc) --terrorpup/lupinstein Have you tried SUSE Studio? Need to create a Live CD, an app you want to package and distribute , or create your own linux distro. Give SUSE Studio a try. www.susestudio.com. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Mon, May 17, 2010 at 11:41 AM, Chuck Payne <terrorpup@gmail.com> wrote:
On Sun, May 16, 2010 at 11:15 PM, David C. Rankin <drankinatty@suddenlinkmail.com> wrote:
On 05/16/2010 01:05 PM, Carlos E. R. wrote:
On 2010-05-16 19:22, Chuck Payne wrote:
Guys,
Not sure what is going on with my new openSUSE 11.2 install, but I am unable to use my server any more as a router. I have checked and ip_forward is on, but not of my boxes are able to get out. I have searched the opensuse forms and I see that I have all the settings that everyone recommends but still no access.
You will have to describe your configuration with some detail: crystal balls are quite unreliable nowdays. AFAIK, you only need to change a few things in the susefirewall file, it is really easy.
Is these two things really that bad in 11.2?
Not to my knowledge.
Chuck,
Yes, please describe your setup. ASCII drawings work fine. I don't know about 11.2, but from 11.0 on, I have been unable to get IP forwarding to work with the old "dial-in-server" config, using ppp to handle 'inbound' modem connections to act as your own 'dial-up' server. Up to 10.2, 10.3 worked fine. 11.0 on, ppp no longer talked tcp over the routes for some reason.
Not saying that is your problem, but maybe it figures into what you are doing. We'll know when we get your setup.
-- David C. Rankin, J.D.,P.E. Rankin Law Firm, PLLC 510 Ochiltree Street Nacogdoches, Texas 75961 Telephone: (936) 715-9333 Facsimile: (936) 715-9339 www.rankinlawfirm.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
Ok, I will try to make this painless for everyone. I have two nic in my box. Since SuSE 5.3 to openSUSE 11.1 I have this set up wher eth0 is extranal and eth1 is internal. eth0 is the default gw. I have dhcp running and given out ip on eth1, with eth1 as the default ip for dhcp. I have check, and the ip forware is checked on the router tab. Below are the network config. I have a backup of my 11.1 /etc dir and I have checked and most of the same settings, expect I had to turn off ipv6, because the :::1 (localhost) was killing postfix. By the way, I am not running the firewall until I can figure this out, so I have no iptables rules loaded. Below are my config files...if there something else I need to post let me know.
By the way, Samba is working which is cool.
Linux magi 2.6.31.12-0.2-desktop #1 SMP PREEMPT 2010-03-16 21:25:39 +0100 x86_64 x86_64 x86_64 GNU/Linux
ifconfig eth0 Link encap:Ethernet HWaddr 00:90:27:43:F1:7A inet addr:216.74.78.18 Bcast:216.74.78.31 Mask:255.255.255.240 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:327832 errors:0 dropped:0 overruns:0 frame:0 TX packets:200950 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:46205008 (44.0 Mb) TX bytes:41369433 (39.4 Mb)
eth1 Link encap:Ethernet HWaddr 6C:F0:49:E1:96:2E inet addr:192.168.105.2 Bcast:192.168.105.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:186378 errors:0 dropped:0 overruns:0 frame:0 TX packets:32907 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:27859254 (26.5 Mb) TX bytes:19142247 (18.2 Mb) Interrupt:30
oute Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 216.74.78.18 * 255.255.255.240 U 0 0 0 eth0 192.168.105.0 * 255.255.255.0 U 0 0 0 eth1 link-local * 255.255.0.0 U 0 0 0 eth0 loopback * 255.0.0.0 U 0 0 0 lo default 216.74.78.17 0.0.0.0 UG 0 0 0 eth0
etc/sysconfig/network/routes default 216.74.74.17 - -
# Disable response to broadcasts. # You don't want yourself becoming a Smurf amplifier. net.ipv4.icmp_echo_ignore_broadcasts = 1 # enable route verification on all interfaces0># Disable response to broadcasts. # You don't want yourself becoming a Smurf amplifier. net.ipv4.icmp_echo_ignore_broadcasts = 1 # enable route verification on all interfaces net.ipv4.conf.all.rp_filter = 1 net.ipv4.ip_forward = 1 # enable ipV6 forwarding #net.ipv6.conf.all.forwarding = 1 # increase the number of possible inotify(7) watches fs.inotify.max_user_watches = 65536 #avoid deleting secondary IPs on deleting the primary IP net.ipv4.conf.default.promote_secondaries = 1 net.ipv4.conf.all.promote_secondaries = 1 net.ipv6.conf.all.disable_ipv6 = 1
cat /proc/sys/net/ipv4/ip_forward 1
dhcp.conf option domain-name "magidesign.com"; option domain-name-servers 216.74.87.25, 216.74.64.201; option routers 192.168.105.2; option netbios-name-servers 192.168.105.2; ddns-update-style none; default-lease-time 17280000; subnet 192.168.105.0 netmask 255.255.255.0 { range dynamic-bootp 192.168.105.32 192.168.105.64; default-lease-time 345600; max-lease-time 1036800;
-- ----------------------------------------- Discover it! Enjoy it! Share it! openSUSE Linux. ----------------------------------------- openSUSE -- en.opensuse.org/User:Terrorpup openSUSE Ambassador/openSUSE Member skype,twiiter,identica,friendfeed -- terrorpup freenode(irc) --terrorpup/lupinstein
Have you tried SUSE Studio? Need to create a Live CD, an app you want to package and distribute , or create your own linux distro. Give SUSE Studio a try. www.susestudio.com.
Well we can mark this one as solved! I did a rename of the nic, from eth0 --> eth1 and eth1 --> eth0, then redid my firewall, and now everything is working. I am thinking is how I have stuff wire. Oh, well it working. So now I am happy again. -- ----------------------------------------- Discover it! Enjoy it! Share it! openSUSE Linux. ----------------------------------------- openSUSE -- en.opensuse.org/User:Terrorpup openSUSE Ambassador/openSUSE Member skype,twiiter,identica,friendfeed -- terrorpup freenode(irc) --terrorpup/lupinstein Have you tried SUSE Studio? Need to create a Live CD, an app you want to package and distribute , or create your own linux distro. Give SUSE Studio a try. www.susestudio.com. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 [sent later] On 2010-05-18 05:57, Chuck Payne wrote:
On Mon, May 17, 2010 at 11:41 AM, Chuck Payne <> wrote:
Ok, I will try to make this painless for everyone. I have two nic in my box. Since SuSE 5.3 to openSUSE 11.1 I have this set up wher eth0 is extranal and eth1 is internal. eth0 is the default gw.
There is a problem here, you have the gw in the external interface, it should be in the internal.
Well we can mark this one as solved! I did a rename of the nic, from eth0 --> eth1 and eth1 --> eth0, then redid my firewall, and now everything is working. I am thinking is how I have stuff wire.
Oh, well it working. So now I am happy again.
Good. - -- Cheers / Saludos, Carlos E. R. (from 11.2 x86_64 "Emerald" GM (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/ iF4EAREIAAYFAkvyRxQACgkQja8UbcUWM1ysfQD/UdNXWdvEVIlrmlfgFIn96GhL 336c9aDSQ7DnQs/Xy9YA+gJ1CxZWo7YGwMoXh7kAUTqrYoW7Dc3/4w4DaSczMv9B =X31r -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (3)
-
Carlos E. R. -
Chuck Payne -
David C. Rankin