I have trouble that I have been working on for weeks. I have a shorewall box that has been in for about a year. It has approx. 20 workstations on the network that use shorewall as a gateway, with squidguard, pptpd, dhcp for loc, for vpns, and samba for serving files. This all worked great until they got a virus 4 weeks ago.

The shorewall box has three interfaces, one for net, loc, dmz. The dmz is wired to a netgear wireless router for wireless laptops that access the internet. It is blocked from loc. Shorewall is running on rh 7.3.

The trouble all started after a Welchia virus entered their network on machines that they had failed to keep antivirus up. About 4 weeks ago I have cleared up the virus trouble, now after about three days of operation the shorewall box slows to a crawl and stops working (i.e. no internet access). Pings from outside show lost packets to the shorewall box, and local workstations have no internet access.

I have now twice put the shorewall box on my network for testing the trouble and it's working fine. Today is the second time I moved the box to my network. I was hoping someone might look at the logs I have attached to see if they might see trouble I have missed. The box quit working in the afternoon of Oct 24, 2003.

Thanks,
Mike

-------------- next part --------------
A non-text attachment was scrubbed...
Name: messages.zip
Type: application/x-zip-compressed
Size: 66834 bytes
Desc: not available
Url : http://lists.shorewall.net/pipermail/shorewall-users/attachments/20031025/13ab616c/messages-0001.bin

On Sat, 2003-10-25 at 11:00, Mike Lander wrote:
> I have now twice put the shorewall box on my network for testing
> the trouble and it's working fine. Today is the second time I moved
> the box to my network. I was hoping someone might look at the logs
> I have attached to see if they might see trouble I have missed.

dhcpd is failing to start.

-Tom
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net

On Sat, 2003-10-25 at 11:22, Tom Eastep wrote:
> On Sat, 2003-10-25 at 11:00, Mike Lander wrote:
>
> > I have now twice put the shorewall box on my network for testing
> > the trouble and it's working fine. Today is the second time I moved
> > the box to my network. I was hoping someone might look at the logs
> > I have attached to see if they might see trouble I have missed.
>
> dhcpd is failing to start.

I'm also noticing cases where eth0 or eth1 failed to come up. Since we can't tell which reboots occurred where (customer site or your site), it's hard to say anything more.

-Tom

> > On Sat, 2003-10-25 at 11:00, Mike Lander wrote:
> >
> > > I have now twice put the shorewall box on my network for testing
> > > the trouble and it's working fine. Today is the second time I moved
> > > the box to my network. I was hoping someone might look at the logs
> > > I have attached to see if they might see trouble I have missed.

I installed on my network this morning 10/25

> > dhcpd is failing to start.

I haven't config dhcp for my network yet

> I'm also noticing cases where eth0 or eth1 failed to come up. Since we
> can't tell which reboots occurred where (customer site or your site),
> it's hard to say anything more.
>
> -Tom

All reboots on 10/25 are on my network
I am not using eth1 and eth2 because on my network yet, local seemed to work ok just gateway would quit on their network.

Right now the box is just connected to the internet with FQ address nothing connected to eth1 and eth2

Mike

On Sat, 2003-10-25 at 12:13, Mike Lander wrote:
> > -Tom
> All reboots on 10/25 are on my network
> I am not using eth1 and eth2 because on my network yet, local seemed to
> work ok just gateway would quit on their network.
>
> Right now the box is just connected to the internet with
> FQ address nothing connected to eth1 and eth2

Same cable or different one?

-Tom

On Sat, 2003-10-25 at 12:39, Tom Eastep wrote:
> On Sat, 2003-10-25 at 12:13, Mike Lander wrote:
> > > -Tom
> > All reboots on 10/25 are on my network
> > I am not using eth1 and eth2 because on my network yet, local seemed to
> > work ok just gateway would quit on their network.
> >
> > Right now the box is just connected to the internet with
> > FQ address nothing connected to eth1 and eth2
>
> Same cable or different one?

I ask because it really sounds like a H/W problem on the external IF/cable/router/...

-Tom

Tom,

When you said eth1 did not come up, I looked at the logs, and for now use we have a router on the network (replacing shorewall while it's gone) with the same loc ip for eth1 10.13.173.20 is the shorewall gateway. They had this router plugged in and using it as a switch and caused an IP conflict. I am not sure what kind of symptoms that would cause, I do know two IP's cannot exist on the same network. I called the admin and he did not change the IP of that router which would definitely cause trouble.

Thank you,
Mike

----- Original Message -----
From: "Tom Eastep" <teastep@shorewall.net>
To: "Shorewall Users Mailing List" <shorewall-users@lists.shorewall.net>
Sent: Saturday, October 25, 2003 12:44 PM
Subject: Re: [Shorewall-users] Mysterious Network trouble

> On Sat, 2003-10-25 at 12:39, Tom Eastep wrote:
> > On Sat, 2003-10-25 at 12:13, Mike Lander wrote:
> > > > -Tom
> > > All reboots on 10/25 are on my network
> > > I am not using eth1 and eth2 because on my network yet, local seemed to
> > > work ok just gateway would quit on their network.
> > >
> > > Right now the box is just connected to the internet with
> > > FQ address nothing connected to eth1 and eth2
> >
> > Same cable or different one?
>
> I ask because it really sounds like a H/W problem on the external
> IF/cable/router/...
>
> -Tom