Dear all We are using a definition of rules which has perfectly worked with SuSE8.2 and vmware and a local samba on some clients. The systems got an update to 9.2. Now we got a very strange problem which probably could belong to an firewall definition problem. After booting of the system the samba connection to vmware works perfect but a few hours later it isn''t possible to copy a file to the vmware share. But it is possible to move a file. In the log files I see a lot of error message about broadcasting to the samba net adress Is this a known problem any hints are welcome. Reimar Bauer -- Forschungszentrum Juelich email: R.Bauer@fz-juelich.de http://www.fz-juelich.de/icg/icg-i/ =================================================================a IDL library at ForschungsZentrum Juelich http://www.fz-juelich.de/icg/icg-i/idl_icglib/idl_lib_intro.html
Reimar Bauer wrote:> Dear all > > > We are using a definition of rules which has perfectly worked with SuSE8.2 and > vmware and a local samba on some clients. > > The systems got an update to 9.2. > > Now we got a very strange problem which probably could belong to an firewall > definition problem. > After booting of the system the samba connection to vmware works perfect but a > few hours later it isn''t possible to copy a file to the vmware share. But it > is possible to move a file. In the log files I see a lot of error message > about broadcasting to the samba net adress > > Is this a known problem any hints are welcome.>From what little you''ve told us, I couldn''t even begin to guess wherethe problem is other than to say that Shorewall-related problems don''t exhibit the behavior you mention (works for a few hours and then stops working). -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
On 17 Mar 2005 at 14:04, Tom Eastep wrote:> Reimar Bauer wrote: > > Dear all > > > > > > We are using a definition of rules which has perfectly workedwith> > SuSE8.2 and vmware and a local samba on some clients. > > > > The systems got an update to 9.2. > > > > Now we got a very strange problem which probably could belong toan> > firewall definition problem. After booting of the system thesamba> > connection to vmware works perfect but a few hours later it isn''t > > possible to copy a file to the vmware share. But it is possibleto> > move a file. In the log files I see a lot of error message about > > broadcasting to the samba net adress > > > > Is this a known problem any hints are welcome. > > >From what little you''ve told us, I couldn''t even begin to guesswhere> the problem is other than to say that Shorewall-related problemsdon''t> exhibit the behavior you mention (works for a few hours and thenstops> working). > > -TomHowever, windows networking is flaky enough that it might drop connections that work initially and then start having packets filtered later after shorewall starts. It would be helpful to have the messages that were in the log and also to compare the starup sequence of services in his runlevel editor between SuSE 8.2 and 9.2. I use this same mix (SuSE Host for Vmware, Windows Guests) with shorwall and have had a very stable environment for some time in my development laptop. I initially had to mess around with the run-level editor and adjust the sequence of Vmware and Shorewall startup, and posted about it in this list and the SuSE list. Windows guests might seem to work but then fail if Shorewall is started after the guests are up and running. RFC1819 handling is another trap for vmware users. -- ______________________________________ John Andersen NORCOM / Juneau, Alaska http://www.screenio.com/ (907) 790-3386 .
John S. Andersen wrote:> > However, windows networking is flaky enough that it might > drop connections that work initially and then start having > packets filtered later after shorewall starts.True -- if a connection that existed before Shorewall started was lost, recreation of the connection might fail. There should be a record of that in the "Shorewall log" (most likely drops or rejects on TCP port 139).> > It would be helpful to have the messages that were in the log > and also to compare the starup sequence of services in > his runlevel editor between SuSE 8.2 and 9.2.It would be useful to have ANY concrete information (log messages, "shorewall status" output, etc.). See http://shorewall.net/support.htm.> > I initially had to mess around with the run-level editor and adjust > the sequence of Vmware and Shorewall startup, and posted about it > in this list and the SuSE list. Windows guests might seem to work > but then fail if Shorewall is started after the guests are up and > running. RFC1819 handling is another trap for vmware users. >Unless there was a change in Shorewall versions as part of the upgrade (which the OP didn''t mention), then I wouldn''t suspect an RFC 1918 problem. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key