Holger Brueckner
2004-Apr-27 09:58 UTC
Problem accessing shorewall.net (rfc1918 problem ?)
Hello,

i'm having problems connecting to shorewall.net site.
it seems like german telekom got a ip block formerly reserved
by iana. namely i got 84.128.25.220.

could it be that you're still blocking this ip range ?

greetings

Holger Brueckner
net-labs Systemhaus GmbH

Patrick Benson
2004-Apr-27 11:58 UTC
Re: Problem accessing shorewall.net (rfc1918 problem?)
Holger Brueckner wrote:
>
> Hello,
>
> i'm having problems connecting to shorewall.net site.
> it seems like german telekom got a ip block formerly reserved
> by iana. namely i got 84.128.25.220.
>
> could it be that you're still blocking this ip range ?
>
> greetings
>
> Holger Brueckner
> net-labs Systemhaus GmbH

Holger,

That may depend, you probably are blocking yourself out. Is it a static
ip or is it allocated by DHCP?

# cat /etc/shorewall/rfc1918 | grep 84

What do you get?

If it's given by DHCP:

If 84.0.0.0/x is listed just put a comment there.

If it's static:

Add 84.128.25.220 RETURN above the 84.0.0.0/x line

Restart Shorewall.

Use a stripped-down version like Tom's example, saves you the trouble
with updating the file regularly..

http://www.shorewall.net/myfiles.htm#RFC1918

Regards,

--
Patrick Benson
Stockholm, Sweden

Holger Brueckner wrote:
> Hello,
>
> i'm having problems connecting to shorewall.net site.
> it seems like german telekom got a ip block formerly reserved
> by iana. namely i got 84.128.25.220.
>
> could it be that you're still blocking this ip range ?

Which shorewall.net site(s) are you having problems accessing?
shorewall.net is comprised of systems in 5 different cities, each with
their own system manager.

-Tom
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net

Holger Brueckner
2004-Apr-27 14:02 UTC
Re: Problem accessing shorewall.net (rfc1918 problem?)
On Tue, 2004-04-27 at 13:58, Patrick Benson wrote:

> That may depend, you probably are blocking yourself out. Is it a static
> ip or is it allocated by DHCP?

definitely not, since most of the sites are working ok.

> Use a stripped-down version like Tom's example, saves you the trouble
> with updating the file regularly..

i just updated yesterday ;)

as i stated in my other reply it is probably some routing issue.
i'm experiencing some problems connecting to some us sites.

thanks for your reply

Holger Brueckner

Holger Brueckner
2004-Apr-27 14:22 UTC
Re: Problem accessing shorewall.net (rfc1918 problem ?)
On Tue, 2004-04-27 at 15:25, Tom Eastep wrote:
> Holger Brueckner wrote:
> > Hello,
> >
> > i'm having problems connecting to shorewall.net site.
> > it seems like german telekom got a ip block formerly reserved
> > by iana. namely i got 84.128.25.220.
> >
> > could it be that you're still blocking this ip range ?
>
> Which shorewall.net site(s) are you having problems accessing?
> shorewall.net is comprised of systems in 5 different cities, each with
> their own system manager.
>
> -Tom

i HAD problems with http://shorewall.net
it works now, so maybe it was just some routing issue.

i'm experiencing some problems with 84.x.x.x ip's mainly on us sites.

well thanks a lot for your answer

Holger Brückner

Larry Platzek
2004-Apr-27 14:33 UTC
Re: Problem accessing shorewall.net (rfc1918 problem?)
On Tue, 27 Apr 2004, Holger Brueckner wrote:

> Date: Tue, 27 Apr 2004 16:02:07 +0200
> From: Holger Brueckner <lists@net-labs.de>
> Reply-To: brueckner@net-labs.de,
>     Mailing List for Shorewall Users <shorewall-users@lists.shorewall.net>
> To: Mailing List for Shorewall Users <shorewall-users@lists.shorewall.net>
> Subject: Re: [Shorewall-users] Problem accessing shorewall.net (rfc1918
>     problem?)
>
> On Tue, 2004-04-27 at 13:58, Patrick Benson wrote:
>
> > That may depend, you probably are blocking yourself out. Is it a static
> > ip or is it allocated by DHCP?
>
> definitely not, since most of the sites are working ok.
>
> > Use a stripped-down version like Tom's example, saves you the trouble
> > with updating the file regularly..
>
> i just updated yesterday ;)
>
> as i stated in my other reply it is probably some routing issue.
> i'm experiencing some problems connecting to some us sites.
>
> thanks for your reply
>
> Holger Brueckner

It might have been nice to give some example sites, that would have
allowed others to try to reach the sites and report back to you if the
sites were reachable.

We have had some bad weather that could have caused the problems.
Maybe the sites are down for some other reason, but you have not helped
us to help you in this manner.

I do hope you will have the matter resolved.

Have a great day!

Larry Platzek
larryp@inow.com

Holger Brueckner wrote:
> On Tue, 2004-04-27 at 15:25, Tom Eastep wrote:
>
>>Holger Brueckner wrote:
>>
>>>Hello,
>>>
>>>i'm having problems connecting to shorewall.net site.
>>>it seems like german telekom got a ip block formerly reserved
>>>by iana. namely i got 84.128.25.220.
>>>
>>>could it be that you're still blocking this ip range ?
>>
>>Which shorewall.net site(s) are you having problems accessing?
>>shorewall.net is comprised of systems in 5 different cities, each with
>>their own system manager.
>>
>>-Tom
>
>
> i HAD problems with http://shorewall.net
> it works now, so maybe it was just some routing issue.
>

That's my site -- I have always used a stripped down rfc1918 file and
now that I'm running 2.0.1, I don't set the 'nobogons' option on my
external interface. So whatever the problem, it wasn't rfc1918/bogons.

-Tom
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net

Hello,

For the www.shorewall.net mirror, I updated the version 2.0 shorewall
with http://shorewall.net/pub/shorewall/errata/1.4.10/rfc1918

It does seem to drop 84.0.0.0/6.

83.0.0.0/8 DROP # Reserved
84.0.0.0/6 DROP # Reserved
88.0.0.0/5 DROP # Reserved

I assume this is the updated version?

Alex Martin
http://www.rettc.com

Tom Eastep wrote:
> Holger Brueckner wrote:
>
>> On Tue, 2004-04-27 at 15:25, Tom Eastep wrote:
>>
>>> Holger Brueckner wrote:
>>>
>>>> Hello,
>>>>
>>>> i'm having problems connecting to shorewall.net site.
>>>> it seems like german telekom got a ip block formerly reserved by
>>>> iana. namely i got 84.128.25.220.
>>>>
>>>> could it be that you're still blocking this ip range ?
>>>
>>>
>>> Which shorewall.net site(s) are you having problems accessing?
>>> shorewall.net is comprised of systems in 5 different cities, each
>>> with their own system manager.
>>>
>>> -Tom
>>
>>
>>
>> i HAD problems with http://shorewall.net
>> it works now, so maybe it was just some routing issue.
>>
>
> That's my site -- I have always used a stripped down rfc1918 file and
> now that I'm running 2.0.1, I don't set the 'nobogons' option on my
> external interface. So whatever the problem, it wasn't rfc1918/bogons.
>
> -Tom

Alex Martin wrote:
> Hello,
>
> For the www.shorewall.net mirror, I updated the version 2.0 shorewall
> with http://shorewall.net/pub/shorewall/errata/1.4.10/rfc1918
>
> It does seem to drop 84.0.0.0/6.
>
> 83.0.0.0/8 DROP # Reserved
> 84.0.0.0/6 DROP # Reserved
> 88.0.0.0/5 DROP # Reserved
>
> I assume this is the updated version?

No. The updated version:

71.0.0.0/8 logdrop # Reserved
72.0.0.0/5 logdrop # Reserved
89.0.0.0/8 logdrop # Reserved
90.0.0.0/7 logdrop # Reserved

-Tom
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net

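Added example, not part of the original thread: a first-match lookup of the address from the first post against the two rfc1918 excerpts quoted above. It assumes the `SUBNET TARGET # comment` line format seen in those excerpts and that the first matching line wins, as the "add RETURN above" advice earlier in the thread implies; the function names are hypothetical.

```python
import ipaddress

# Excerpts quoted in the thread (only these lines; the full files are longer).
STALE = """\
83.0.0.0/8   DROP     # Reserved
84.0.0.0/6   DROP     # Reserved
88.0.0.0/5   DROP     # Reserved
"""
UPDATED = """\
71.0.0.0/8   logdrop  # Reserved
72.0.0.0/5   logdrop  # Reserved
89.0.0.0/8   logdrop  # Reserved
90.0.0.0/7   logdrop  # Reserved
"""

def parse_rules(text):
    """Return [(network, target)] from 'SUBNET TARGET # comment' lines."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop trailing comment
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            raise ValueError(f"malformed rule: {raw!r}")
        # A bare address (no /len) parses as a /32 host entry.
        rules.append((ipaddress.ip_network(fields[0], strict=True), fields[1]))
    return rules

def first_match(rules, address):
    """Return (network, target) of the first rule covering address, or None."""
    ip = ipaddress.ip_address(address)
    for net, target in rules:
        if ip in net:
            return net, target
    return None

def verdict(text, address):
    """Human-readable result of looking address up in a rule file's text."""
    hit = first_match(parse_rules(text), address)
    return "no match" if hit is None else f"{hit[1]} via {hit[0]}"

if __name__ == "__main__":
    addr = "84.128.25.220"  # the address reported in the first post
    print("stale excerpt:  ", verdict(STALE, addr))
    print("updated excerpt:", verdict(UPDATED, addr))
    # Host exception placed above the covering range, as suggested in the thread.
    print("with exception: ", verdict("84.128.25.220 RETURN\n" + STALE, addr))
```

Unlike a textual `grep 84`, the CIDR test also catches a covering range whose first octet is not 84.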
Hello,

Ok. I updated the www.shorewall.net mirror with the proper rfc1918 data.

Sorry shorewall users!

Tom,

http://shorewall.net/pub/shorewall/errata/1.4.10/rfc1918

Has the wrong stuff in it, compared to

http://shorewall.net/pub/shorewall/errata/2.0.1/bogons

(These links from a recent shorewall announce email).

Alex Martin
http://www.rettc.com

Alex Martin wrote:
> Hello,
>
> Ok. I updated the www.shorewall.net mirror with the proper rfc1918 data.
>
> Sorry shorewall users!
>
> Tom,
>
> http://shorewall.net/pub/shorewall/errata/1.4.10/rfc1918
>
> Has the wrong stuff in it, compared to
>
> http://shorewall.net/pub/shorewall/errata/2.0.1/bogons
>
> (These links from a recent shorewall announce email).
>

The excerpt that I sent you was obtained by clicking on the
http://shorewall.net/pub/shorewall/errata/1.4.10/rfc1918 link in your
post and cutting and pasting. You're saying that you see something
different? If so, what IP does 'shorewall.net' resolve to for you? It
should be 206.124.146.177.

-Tom
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net

Sorry, operator error here. Everything is up to date. I can swear I just
downloaded that 1.4 file and it was wrong, but that is not the case.

So, everything is up to date on my end, and of course on Tom's end as well.

Doh.

Alex Martin
http://www.rettc.com

Tom Eastep wrote:
> Alex Martin wrote:
>
>> Hello,
>>
>> Ok. I updated the www.shorewall.net mirror with the proper rfc1918 data.
>>
>> Sorry shorewall users!
>>
>> Tom,
>>
>> http://shorewall.net/pub/shorewall/errata/1.4.10/rfc1918
>>
>> Has the wrong stuff in it, compared to
>>
>> http://shorewall.net/pub/shorewall/errata/2.0.1/bogons
>>
>> (These links from a recent shorewall announce email).
>>
>
> The excerpt that I sent you was obtained by clicking on the
> http://shorewall.net/pub/shorewall/errata/1.4.10/rfc1918 link in your
> post and cutting and pasting. You're saying that you see something
> different? If so, what IP does 'shorewall.net' resolve to for you? It
> should be 206.124.146.177.
>
> -Tom

Alex Martin wrote:
> Sorry, operator error here. Everything is up to date. I can swear I just
> downloaded that 1.4 file and it was wrong, but that is not the case.
>

Stale web page caches will get you every time :-)

-Tom
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net

Hello

I'm sorry if it is out of the scope of the mail list

But, What you think If I run SNORT.org as IDS on my firewall box, running
Shorewall

Please advise, and tell me what you think

Waiting for your reply

Kind Regards
Samer

Samer Y. Azmy wrote:
>
> But, What you think If I run SNORT.org as IDS on my firewall box, running
> Shorewall
>
> Please advise, and tell me what you think

Two things:

a) There are 56 references to SNORT in the Shorewall Mailing List
Archives. Is it the case that you read them all and didn't find the
information that you are looking for?

b) Please start a new thread rather than reply to another user's post
and change the subject. Many of us use threaded email clients and your
behavior has the effect of embedding your thread inside a completely
unrelated one.

-Tom
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net