[Linux-Anyway] Re: More Re: Re: eth1
- From: horrorvacui@xxxxxxx
- To: Linux-Anyway@xxxxxxxxxxxxx
- Date: Fri, 7 Mar 2003 02:02:09 +0100
On Thu, 6 Mar 2003 14:32:13 -0800 (PST)
Meph Istopheles <meph@xxxxxxxxxxx> wrote:
> > The question is, how it got there at all?
>
> Got me. Maybe something default, maybe something I did. Who
> knows at this point?
>
> But, from your tip, it's fixed:
Nice. It's probably nothing default, rather something you did. It's
irrelevant as you obviously did it a long time ago and can't remember. I
mentioned it only because it might have been recent.
You now might edit your firewall script to replace the faulty rule. The
thing I like about RH is that it, from what I've heard, uses a simple file
for rulesets and a start script that loads them via the ipchains-restore
utility. That way, you can change rules on the fly, and if you like them,
can save them by piping the output of ipchains-save util into a file and
replacing the ruleset file. On SuSE, I haven't even been able to find out
where the hell the default SuSE firewall stores the rules, and how they
are set. From all those mountains of documentation I have read about it,
it seems that a possibility of changing rules isn't there. Or I have
overlooked the obvious, something I really excel in.
> > It seems like it's 2.2.x, which works with ipchains only.
> > Iptables is introduced with 2.4.x, and although you have
> > iptables utils installed, there seems to be no kernel support,
> > causing iptables to crap out. If you manage to configure this
> > with ipchains and upgrade to 2.4.x, you can still use your old
> > ipchains rules (the iptables syntax is just different enough to
> > make me do exactly this) by compiling ipchains-support in the
> > kernel. I'd stay with 2.2.x and ipchains for this box if I were
> > you.
>
> Looks like the wonder of RH's updates. I'm running RH 7.2, but
> even that started with 2.4.7-10, so it should be tables. Running
> any tables command just gives me module errors, so I think I must
> only be running chains, since I don't get errors with chains
> commands.
Hm. Don't bash it too hard - this might be a backward-compatibility issue.
It's easier to make a 2.4.x use ipchains than make a 2.2.x use iptables.
My SuSE 7.1 came with both kernels, and uses ipchains.
I have downloaded and installed iptables afterwards. If I remember
correctly, you can't use both at the same time (which sounds logical,
since both have to register the same function in the kernel), before
loading the iptables module, you have to unload the ipchains module.
Stopping the firewall should let you do it, for all I know. Or just edit
the /etc/modules.conf to load 'tables for firewalling, which will leave
you without firewall until you change the start scripts and rulesets.
>
> Anyway, though I've got the 192 stuff corrected, we may be
> dealing with a problem on the W2k side, as it only wants to do
> anything with public addresses. I suspect it should be able to
> at least ping 192.168.0.2, the Linux box, even if the card on the
> Linux box won't forward through the public address to the gateway
> the Linux box uses. I'm sooooooooo confused.
>
That's where REAL problems come in. Windows. Change something, and it will
change other stuff it believes you want to have changed too, or simply
what it believes you should want to have changed but are too stupid to
know. Luckily, configuring a network card isn't as "microsoftish" as they
always manage to make it. Remember to let it ping itself to check whether
the NIC is installed and ok, and remember to double-check the cabling (if
the port light doesn't come on, it's a bad sign - either the NIC is fried,
the cable is broken or the cross-over cable isn't cross-over after all (or
vice versa).
Cheers
--
Horror Vacui
Registered Linux user #257714
Go get yourself... counted: http://counter.li.org/
- and keep following the GNU.
To unsubcribe send e-mail with the word unsubscribe in the body to:
Linux-Anyway-Request@xxxxxxxxxxxxx?body=unsubscribe
Other related posts:
