I am experiencing problems with wy home network after 9.2 install. My setup is: a 9.2 server (connected to the internet via an ethernet card and adsl modem), three XP clients, and one 9.0 client. pinging clients from server yields a result > 1000 ms pinging server from client the same accessing the internet from the clients is extremely slow (fairly logical). I suppose my SuSEfirewall2 setup must be at stake I used to have a setting like this: FW_DEV_EXT="eth0" FW_DEV_INT="eth1" FW_ROUTE="yes" FW_MASQUERADE="yes" FW_MASQ_NETS="192.168.10.0/24" Upon install, 9.2 installed these settings: FW_DEV_EXT="dsl0" FW_DEV_INT="eth-id-00:a0:24:29:24:d3 eth-id-00:04:61:58:24:62 " FW_ROUTE="yes" FW_MASQUERADE="yes" FW_MASQ_NETS="192.168.10.0/24" surely it does not make sense to include both network cards in FW_dev_int, since one points to the interneal network (eth1 192.168.0.99) and the other to the internet via the dsl modem(eth0 168.192.2.21). When I restart the firewall, I get this error message: WARNING: Error inserting ipfwadm (/lib/modules/2.6.8-24.3-default/kernel/net/ipv4/netfilter/ipfwadm.ko): Device or resource busy can anyone help? Thanks. FX
On Fri November 5 2004 1:10 am, FX Fraipont wrote:
snip <
Upon install, 9.2 installed these settings:
FW_DEV_EXT="dsl0" FW_DEV_INT="eth-id-00:a0:24:29:24:d3 eth-id-00:04:61:58:24:62 " FW_ROUTE="yes" FW_MASQUERADE="yes" FW_MASQ_NETS="192.168.10.0/24"
surely it does not make sense to include both network cards in FW_dev_int, since one points to the interneal network (eth1 192.168.0.99) and the other to the internet via the dsl modem(eth0 168.192.2.21).
When I restart the firewall, I get this error message:
WARNING: Error inserting ipfwadm (/lib/modules/2.6.8-24.3-default/kernel/net/ipv4/netfilter/ipfwadm.ko): Device or resource busy
can anyone help?
Thanks.
FX
Straighten out 9.2's eth0 and eth1. You are right that both cards shouldn't be used as eth1. eth-id-00:a0:24:29:24:d3 = eth? eth-id-00:04:61:58:24:62 = eth? Not sure why dsl0 is assigned as eth0. I believe you could just reassign eth0 in SuSEfirewall2 to FW_DEV_EXT instead of dsl0. Remove dsl0 from FW_DEV_EXT. Stan
SRGlasoe wrote:
On Fri November 5 2004 1:10 am, FX Fraipont wrote:
snip <
Upon install, 9.2 installed these settings:
FW_DEV_EXT="dsl0" FW_DEV_INT="eth-id-00:a0:24:29:24:d3 eth-id-00:04:61:58:24:62 " FW_ROUTE="yes" FW_MASQUERADE="yes" FW_MASQ_NETS="192.168.10.0/24"
surely it does not make sense to include both network cards in FW_dev_int, since one points to the interneal network (eth1 192.168.0.99) and the other to the internet via the dsl modem(eth0 168.192.2.21).
When I restart the firewall, I get this error message:
WARNING: Error inserting ipfwadm (/lib/modules/2.6.8-24.3-default/kernel/net/ipv4/netfilter/ipfwadm.ko): Device or resource busy
can anyone help?
Thanks.
FX
Straighten out 9.2's eth0 and eth1. You are right that both cards shouldn't be used as eth1. eth-id-00:a0:24:29:24:d3 = eth?
eth0
eth-id-00:04:61:58:24:62 = eth?
eth1
Not sure why dsl0 is assigned as eth0. I believe you could just reassign eth0 in SuSEfirewall2 to FW_DEV_EXT instead of dsl0. Remove dsl0 from FW_DEV_EXT.
I've tried that, and it doesn't change a thing. By the way , I agree with you than eth0 and eth1 was much easier to manage than these unique identifiers. Plus, on the conceptual side, if a single machine provides the internet access and the firewall and the masquerading, is the "space " between 192.168.0.99 (lan adress) and 192.168.2.21 (the eth card connected to the adsl modem) demilitarized? I keep reading these dmz settings in SuSEfirewall2, but can't use them.... And I still don't know why I am getting this ipfwadm error message. fx
On Fri November 5 2004 12:06 pm, FX Fraipont wrote:
Straighten out 9.2's eth0 and eth1. You are right that both cards shouldn't be used as eth1. eth-id-00:a0:24:29:24:d3 = eth?
eth0
eth-id-00:04:61:58:24:62 = eth?
eth1
Plus, on the conceptual side, if a single machine provides the internet access and the firewall and the masquerading, is the "space " between 192.168.0.99 (lan adress) and 192.168.2.21 (the eth card connected to the adsl modem) demilitarized? I keep reading these dmz settings in SuSEfirewall2, but can't use them....
And I still don't know why I am getting this ipfwadm error message.
fx
The DMZ is usually thought of as outside of the router/firewall box. Somewhere in between the external/internet and internal/local LAN. Probably easier to think of it as if you had an eth2 pointing to something like 192.168.20.x where you have a SQL server or a web server that you can't trust on your local LAN because you have them exposed to the internet. Help me out on your IP addressing scheme. You say eth0=192.168.2.21 to the dsl modem. You say eth1 is 192.168.0.99 to your internal LAN. Then in SuSEfirewall2 you define another network for FW_MASQ_NETS="192.168.10.0/24". Where is that? That should be "192.168.0.0/24" to masquerade your internal LAN through eth0 to the Internet. I'm researching that ipfwadm message also. Stan
FX Fraipont wrote:
SRGlasoe wrote:
On Fri November 5 2004 1:10 am, FX Fraipont wrote:
snip <
Upon install, 9.2 installed these settings:
FW_DEV_EXT="dsl0" FW_DEV_INT="eth-id-00:a0:24:29:24:d3 eth-id-00:04:61:58:24:62 " FW_ROUTE="yes" FW_MASQUERADE="yes" FW_MASQ_NETS="192.168.10.0/24"
surely it does not make sense to include both network cards in FW_dev_int, since one points to the interneal network (eth1 192.168.0.99) and the other to the internet via the dsl modem(eth0 168.192.2.21).
When I restart the firewall, I get this error message:
WARNING: Error inserting ipfwadm (/lib/modules/2.6.8-24.3-default/kernel/net/ipv4/netfilter/ipfwadm.ko): Device or resource busy
Howto fix it by my chasing around and fixing it. SuSE has 3 files in /etc/init.d dealing with SuSEfirewall. Problem is that they try to mount that same module.ko 3 times. Guess what = modprobe/demod only can mount it only once without removing it. So edit them and remove or comment out then offend line in in the last 2 of the three Sure wish SuSE would try there software first -- 73 de Donn Washburn __" http://www.hal-pc.org/~n5xwb " Ham Callsign N5XWB / / __ __ __ __ __ __ __ 307 Savoy St. / /__ / / / \/ / / /_/ / \ \/ / Sugar Land, TX 77478 /_____/ /_/ /_/\__/ /_____/ /_/\_\ LL# 1.281.242.3256 Dump Microsoft Software - Stop virus email Email: n5xwb@hal-pc.org " http://counter.li.org " #279316
Donn Washburn wrote:
FX Fraipont wrote:
SRGlasoe wrote:
When I restart the firewall, I get this error message:
WARNING: Error inserting ipfwadm (/lib/modules/2.6.8-24.3-default/kernel/net/ipv4/netfilter/ipfwadm.ko):
Device or resource busy
Howto fix it by my chasing around and fixing it.
SuSE has 3 files in /etc/init.d dealing with SuSEfirewall. Problem is that they try to mount that same module.ko 3 times. Guess what = modprobe/demod only can mount it only once without removing it. So edit them and remove or comment out then offend line in in the last 2 of the three
sorry, but I can't find any modprobe ipfwadm.ko in /etc/init.d/* ??? FX
At 07:06 PM 5/11/2004, FX Fraipont wrote:
SRGlasoe wrote:
On Fri November 5 2004 1:10 am, FX Fraipont wrote:
snip <
Straighten out 9.2's eth0 and eth1. You are right that both cards shouldn't be used as eth1. eth-id-00:a0:24:29:24:d3 = eth?
eth0
eth-id-00:04:61:58:24:62 = eth?
eth1
Not sure why dsl0 is assigned as eth0. I believe you could just reassign eth0 in SuSEfirewall2 to FW_DEV_EXT instead of dsl0. Remove dsl0 from FW_DEV_EXT.
I've tried that, and it doesn't change a thing. By the way , I agree with you than eth0 and eth1 was much easier to manage than these unique identifiers.
These Unique identifiers are of course the mac addresses oncard for the individual ports concerned. I've been told that addressing this way is now becoming the standard across the unix /mainframe world. It seems that it's hard to fake them, while the port generic id's such as eth1...etc can be. Something to do with hackers, no doubt. regards scsijon
I am experiencing problems with wy home network after 9.2 install. My setup is: a 9.2 server (connected to the internet via an ethernet card and adsl modem), three XP clients, and one 9.0 client.
pinging clients from server yields a result > 1000 ms pinging server from client the same accessing the internet from the clients is extremely slow (fairly logical).
<snip>
WARNING: Error inserting ipfwadm (/lib/modules/2.6.8-24.3-default/kernel/net/ipv4/netfilter/ipfwadm.ko): Device or resource busy
FX Did you ever get an answer/fix for this? I am seeing the same thing in my desktop. My desktop was a fresh install. On my laptop, which was an upgrade, I am not experiencing this problem. Any ideas? Thanks eric
Eric Wagar wrote:
WARNING: Error inserting ipfwadm (/lib/modules/2.6.8-24.3-default/kernel/net/ipv4/netfilter/ipfwadm.ko): Device or resource busy
FX
Did you ever get an answer/fix for this? I am seeing the same thing in my desktop.
Nope, I still have this annoying message though the firewall seems to be working all right. Fx
WARNING: Error inserting ipfwadm (/lib/modules/2.6.8-24.3-default/kernel/net/ipv4/netfilter/ipfwadm.ko): Device or resource busy
Did you ever get an answer/fix for this? I am seeing the same thing in my desktop.
Nope, I still have this annoying message though the firewall seems to be working all right.
Unfortunately, that's my issue also. So, the questions begs, what is an/the appropriate error message? Or, are we just seeing warnings? I'm gonna keep seeing what I can find. eric
On Wed, 17 Nov 2004 12:52, Eric Wagar wrote:
WARNING: Error inserting ipfwadm (/lib/modules/2.6.8-24.3-default/kernel/net/ipv4/netfilter/ipfwadm.ko): Device or resource busy
Did you ever get an answer/fix for this? I am seeing the same thing in my desktop.
Nope, I still have this annoying message though the firewall seems to be working all right.
Unfortunately, that's my issue also.
So, the questions begs, what is an/the appropriate error message? Or, are we just seeing warnings?
I'm gonna keep seeing what I can find.
eric
Sorry I have not been following the thread. But I had that problem until I upgraded the kernel using YOU. This resolved it and a number of other problems I was having. -- Regards, Graham Smith ---------------------------------------------------------
Graham Smith wrote:
On Wed, 17 Nov 2004 12:52, Eric Wagar wrote:
WARNING: Error inserting ipfwadm (/lib/modules/2.6.8-24.3-default/kernel/net/ipv4/netfilter/ipfwadm.ko): Device or resource busy
Sorry I have not been following the thread. But I had that problem until I upgraded the kernel using YOU. This resolved it and a number of other problems I was having.
Thanks, thios suppresses the error message indeed. Funny thing though, YOU did not show any new installable kernel - I had installed all installable patches as they arrived. I reinstalled the kernel patch, rebooted, and that was it. Message was gone. Thanks for the tip FX
participants (6)
-
Donn Washburn -
Eric Wagar -
FX Fraipont -
Graham Smith -
scsijon -
SRGlasoe