Hi, After what seams like years of trying, I finally have got my USB ADSL modem working on my Linux box, and I can browse the web, send mail etc. fine Now the problem is, how do I get my Windows box to 'see' the internet connection? When I had the modem on my Windows box, I installed a proxy server on it, and set the 'proxy' of all the linux stuff to point to my Windows box, do I have to do the same thing on the Linux box? I have a working BIND configuration, and if I ping "www.slashdot.org" on my windows machine, I get... Pinging www.slashdot.org [64.28.67.150] .... Destination Host Unreachable... So I guess the DNS is working, but the Windows box can't get anything in or out. What do I need to setup? Cheers Phil -- Linux 2.4.4-4GB 9:27am up 1:59, 1 user, load average: 0.24, 0.14, 0.14
On Wed, 27 Feb 2002 20:35, Phil Shrimpton wrote:
Hi,
After what seams like years of trying, I finally have got my USB ADSL modem working on my Linux box, and I can browse the web, send mail etc. fine Now the problem is, how do I get my Windows box to 'see' the internet connection?
When I had the modem on my Windows box, I installed a proxy server on it, and set the 'proxy' of all the linux stuff to point to my Windows box, do I have to do the same thing on the Linux box?
I have a working BIND configuration, and if I ping "www.slashdot.org" on my windows machine, I get...
Pinging www.slashdot.org [64.28.67.150] ....
Destination Host Unreachable...
So I guess the DNS is working, but the Windows box can't get anything in or out.
What do I need to setup?
Cheers
Phil
Ah, the joys of working with WINDOWS.... NOT !!! Lets assume you aren't running DHCP on your internal network.... I'll describe my setup and you can modify to suit. Gateway (to the outside) - 192.168.1.254 Evilware (workstation) - 192.168.1.100 On Evilware, go to the Control Panel/Network and set the following; IP Address - 192.168.1.100 Netmask - 255.255.255.0 Enable DNS, and set the DNS server to the DNS of your ISP (assuming you aren't running DNS internally) Disable WINS Resolution That's about it (for Windows 98 anyway) - I've just chjecked my machine and it still works...:-) Jon -- Jon ------------------------------------------------------------------------- "There are 5.6 billion people in the world, and approximately 400 million installed operating systems. That means 5.2 billion people have yet to choose their operating system, and we have to get to them before Bill does." - Jon "maddog" Hall
On Wednesday 27 February 2002 11:07, Jon Biddell wrote: Hi,
So I guess the DNS is working, but the Windows box can't get anything in or out.
What do I need to setup?
Ah, the joys of working with WINDOWS.... NOT !!!
<g>
Lets assume you aren't running DHCP on your internal network....
I am not.
I'll describe my setup and you can modify to suit.
Gateway (to the outside) - 192.168.1.254
Do I actually have to setup a Gateway, or by 'Gateway' do you mean my Linux box?
On Evilware, go to the Control Panel/Network and set the following;
IP Address - 192.168.1.100 Netmask - 255.255.255.0
This is already set.
Enable DNS, and set the DNS server to the DNS of your ISP
The DNS server was set to my Linux box (which does resolve correctly), if I change it to my ISP's, it can resolve the names, let alone let me connect to them. Many thanks for you help Phil -- Linux 2.4.4-4GB 10:14am up 2:47, 1 user, load average: 0.18, 0.11, 0.19
I have a working BIND configuration, and if I ping "www.slashdot.org" on my windows machine, I get...
Pinging www.slashdot.org [64.28.67.150] ....
Destination Host Unreachable...
So I guess the DNS is working, but the Windows box can't get anything in or out.
you should pick some other site to test with ping.. slashdot has set their firewall to not respond to pings. try www.google.com -- trey
On Wednesday 27 February 2002 13:59, Trey Gruel wrote: Hi,
I have a working BIND configuration, and if I ping "www.slashdot.org" on my windows machine, I get...
Pinging www.slashdot.org [64.28.67.150] ....
Destination Host Unreachable...
So I guess the DNS is working, but the Windows box can't get anything in or out.
you should pick some other site to test with ping.. slashdot has set their firewall to not respond to pings. try www.google.com
Still no joy. I guess I need to either setup my linux box as a router, use IPChains or SuSEFirewall or a combination of the three. I have spent the day messing about with SuSEFirewall, but seams to deny all packets from everywhere on everything regardless of what I put in the config file, and it complains about my 2.4 kernel (it would prefer 2.2), so I had to uninstall it. Anyone got any ideas? Phil -- Linux 2.4.4-4GB 5:01pm up 8 min, 1 user, load average: 0.35, 0.43, 0.22
Use SuSEfirewall2 - it is for iptablse which are native to the 2.4 kernel. Although ipchains are supposed to be supported as well. I would download SuSEfirewall2 and use it if I were you. You can get it from: http://www.suse.com/~marc/SuSE.html Jim 02/27/02 11:04:12 AM, Phil Shrimpton <phil@shrimpton.co.uk> wrote:
On Wednesday 27 February 2002 13:59, Trey Gruel wrote:
Hi,
I have a working BIND configuration, and if I ping "www.slashdot.org" on my windows machine, I get...
Pinging www.slashdot.org [64.28.67.150] ....
Destination Host Unreachable...
So I guess the DNS is working, but the Windows box can't get anything in or out.
you should pick some other site to test with ping.. slashdot has set their firewall to not respond to pings. try www.google.com
Still no joy.
I guess I need to either setup my linux box as a router, use IPChains or SuSEFirewall or a combination of the three.
I have spent the day messing about with SuSEFirewall, but seams to deny all packets from everywhere on everything regardless of what I put in the config file, and it complains about my 2.4 kernel (it would prefer 2.2), so I had to uninstall it.
Anyone got any ideas?
Phil
-- Linux 2.4.4-4GB 5:01pm up 8 min, 1 user, load average: 0.35, 0.43, 0.22
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq and the archives at http://lists.suse.com
On Wed, 27 Feb 2002 17:04:12 +0000 Phil Shrimpton <phil@shrimpton.co.uk> wrote:
SuSEFirewall or a combination of the three.
I have spent the day messing about with SuSEFirewall, but seams to deny all packets from everywhere on everything regardless of what I put in the config file, and it complains about my 2.4 kernel (it would prefer 2.2), so I had to uninstall it.
Anyone got any ideas?
Install SuSEFirewall2 , it likes the 2.4 kernel, and the configuration file is very easy to setup for masquerading. -- $|=1;while(1){print pack("h*",'75861647f302d4560275f6272797f3');sleep(1); for(1..16){for(8,32,8,7){print chr($_);}select(undef,undef,undef,.05);}}
On Wednesday 27 February 2002 17:15, zentara wrote: Hi,
I have spent the day messing about with SuSEFirewall, but seams to deny all packets from everywhere on everything regardless of what I put in the config file, and it complains about my 2.4 kernel (it would prefer 2.2), so I had to uninstall it.
Install SuSEFirewall2 , it likes the 2.4 kernel, and the configuration file is very easy to setup for masquerading.
Well things have gone better this time, the SuSEfirewall2 seams to be up and running and I can access we,mail and news from my linux box, and I can access my linux box on the required ports from the internet. The only thing is, masquarading is not working from my Windows box. I can access my Linux box via 'internal' IP addresses, but external ones are not being forwarded. In /var/log/messages I have loads of entries like... Feb 27 23:58:23 fred kernel: SuSE-FW-DROP-DEFAULT IN=eth0 OUT= MAC=00:20:18:54:a2:22:00:e0:98:08:38:18:08:00 SRC=192.168.110.3 DST=192.168.110.2 LEN=160 TOS=0x00 PREC=0x00 TTL=128 ID=1204 PROTO=UDP SPT=1033 DPT=1900 LEN=140 Where... eth0 is my internal ethernet card 192.168.110.3 is my Windows box 192.168.110.2 is my Linux box Phil -- Linux 2.4.4-4GB 12:00am up 26 min, 1 user, load average: 1.16, 0.58, 0.38
Phil Shrimpton wrote:
Well things have gone better this time, the SuSEfirewall2 seams to be up and running and I can access we,mail and news from my linux box, and I can access my linux box on the required ports from the internet.
The only thing is, masquarading is not working from my Windows box. I can access my Linux box via 'internal' IP addresses, but external ones are not being forwarded.
I don't think masqurading is the problem this time.
Feb 27 23:58:23 fred kernel: SuSE-FW-DROP-DEFAULT IN=eth0 OUT= MAC=00:20:18:54:a2:22:00:e0:98:08:38:18:08:00 SRC=192.168.110.3 DST=192.168.110.2 LEN=160 TOS=0x00 PREC=0x00 TTL=128 ID=1204 PROTO=UDP SPT=1033 DPT=1900 LEN=140
SPT-source port is 1033, DPT-destination port is 1900, UDP protocol. Have you opened UDP port 1900 on your internal interface?
eth0 is my internal ethernet card 192.168.110.3 is my Windows box 192.168.110.2 is my Linux box
HTH. You can always see which ports are being blocked, decide if they should be or not, then edit /etc/rc.config.d/firewall2.rc.config to open them. Then, SuSEfirewall2 restart (or was it stop, then start?). -- Joe & Sesil Morris New Tribes Mission Email Address: Joe_Morris@ntm.org Web Address: www.mydestiny.net/~joe_morris Registered Linux user 231871
On Thursday 28 February 2002 01:34, Joe & Sesil Morris (NTM) wrote: Hi,
The only thing is, masquarading is not working from my Windows box. I can access my Linux box via 'internal' IP addresses, but external ones are not being forwarded.
I don't think masqurading is the problem this time.
It was, I needed to change... FW_PROTECT_FROM_INTERNAL="yes" to FW_PROTECT_FROM_INTERNAL="no" ..and almost everything is working fine. The last remaining problem, is I can't connect to my external interface from 'inside' my network by going out then in again (if you see what I mean). For instance, if I open up port 80, I can't connect via http://my_external_ip_address from any of the machines on the local network, but I can connect to it from machines not connected to the network, via dial up. Phil -- Linux 2.4.4-4GB 3:34pm up 16:01, 1 user, load average: 0.17, 0.06, 0.02
* Phil Shrimpton; <phil@shrimpton.co.uk> on 28 Feb, 2002 wrote:
On Wednesday 27 February 2002 17:15, zentara wrote:
Feb 27 23:58:23 fred kernel: SuSE-FW-DROP-DEFAULT IN=eth0 OUT= MAC=00:20:18:54:a2:22:00:e0:98:08:38:18:08:00 SRC=192.168.110.3 DST=192.168.110.2 LEN=160 TOS=0x00 PREC=0x00 TTL=128 ID=1204 PROTO=UDP SPT=1033 DPT=1900 LEN=140
again output of the folowing would help us to see the cause of your problem grep -v ^# /etc/firewall.rc.config -- Togan Muftuoglu Unofficial SuSE FAQ Maintainer http://dinamizm.ath.cx
* Togan Muftuoglu; <toganm@dinamizm.com> on 28 Feb, 2002 wrote:
again output of the folowing would help us to see the cause of your problem
Rule to self If it is the first cup of coffee do not hit the Y key The correct command is this one sorry for the previous one grep -v ^# /etc/rc.config.d/firewall.rc.config -- Togan Muftuoglu Unofficial SuSE FAQ Maintainer http://dinamizm.ath.cx
02/27/02 11:38:14 PM, Togan Muftuoglu <toganm@dinamizm.com> wrote:
* Togan Muftuoglu; <toganm@dinamizm.com> on 28 Feb, 2002 wrote:
again output of the folowing would help us to see the cause of your problem
Rule to self If it is the first cup of coffee do not hit the Y key
The correct command is this one sorry for the previous one
grep -v ^# /etc/rc.config.d/firewall.rc.config
-- Togan Muftuoglu Unofficial SuSE FAQ Maintainer http://dinamizm.ath.cx
Sounds like the problem I have in the last email I send before I go to sleep. I love when that happens when I am sending it to my boss or a client... WOOOOPS, let me grab it back, AAAHHHHGGG. Sorry, going to sleep now ;-)
* Phil Shrimpton; <phil@shrimpton.co.uk> on 27 Feb, 2002 wrote:
I have spent the day messing about with SuSEFirewall, but seams to deny all packets from everywhere on everything regardless of what I put in the config file, and it complains about my 2.4 kernel (it would prefer 2.2), so I had to uninstall it.
Anyone got any ideas?
can you post the output of the following grep version /etc/rc.config.d/firewall.rc.config grep -v ^# /etc/rc.config.d/firewall.rc.config grep ^IP_FORWARD /etc/rc.config -- Togan Muftuoglu Unofficial SuSE FAQ Maintainer http://dinamizm.ath.cx
On Wednesday 27 February 2002 17:19, Togan Muftuoglu wrote: Hi,
Anyone got any ideas?
can you post the output of the following
grep version /etc/rc.config.d/firewall.rc.config grep -v ^# /etc/rc.config.d/firewall.rc.config
I have uninstalled SuSEFirewall so firewall.rc.config is gone
grep ^IP_FORWARD /etc/rc.config
IP_FORWARD="no" Cheers Phil -- Linux 2.4.4-4GB 5:45pm up 20 min, 1 user, load average: 0.19, 0.28, 0.29
* Phil Shrimpton; <phil@shrimpton.co.uk> on 27 Feb, 2002 wrote:
On Wednesday 27 February 2002 17:19, Togan Muftuoglu wrote:
IP_FORWARD="no"
If your PC is acting as a router then this should be "yes". If you are using kernel 2.4.x then you need SuSEfirewall2 which is available at http://www.suse.de/~marc -- Togan Muftuoglu Unofficial SuSE FAQ Maintainer http://dinamizm.ath.cx
participants (7)
-
James Bliss -
Joe & Sesil Morris (NTM) -
Jon Biddell -
Phil Shrimpton -
Togan Muftuoglu -
Trey Gruel -
zentara