Hello,
My server is on Mandrake 10.1 off.
eth0 is WAN with static IP connected 512 DSL
eth1 is LAN.
My default shorewall settings are :
Source zone Destination zone Policy Syslog level Traffic limit
loc net ACCEPT None None
fw net ACCEPT None None
net Any DROP info None
Any Any REJECT info None
The interface settings are :
Interface Zone name Broadcast address Options
eth0 net Automatic
dhcp,routefilter,norfc1918,tcpflags
eth1 loc Automatic tcpflags
After I save and reboot my eth0 is down.
I am not able to browse on my server.
Why ?
Thanks
Varun
varun_saa@vsnl.net wrote:> > Hello, > My server is on Mandrake 10.1 off. > eth0 is WAN with static IP connected 512 DSL > eth1 is LAN. > > My default shorewall settings are : > > Source zone Destination zone Policy Syslog level Traffic limit > > loc net ACCEPT None None > > fw net ACCEPT None None > > net Any DROP info None > > Any Any REJECT info None > > The interface settings are : > > Interface Zone name Broadcast address Options > > eth0 net Automatic dhcp,routefilter,norfc1918,tcpflags > > eth1 loc Automatic tcpflags > > After I save and reboot my eth0 is down. > I am not able to browse on my server. > Why ?It could be a number of things, one of them being that you state that your WAN interface is a static ip connected by DSL yet your eth0 interface has the dhcp option set, usually used by those who have cable modems who receive their ip''s through a DHCP server. See if you can find some more gotcha''s: http://www.shorewall.net/troubleshoot.htm -- Patrick Benson Stockholm, Sweden -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.298 / Virus Database: 265.6.6 - Release Date: 2004-12-28
On Thu, 2004-12-30 at 18:36 +0500, varun_saa@vsnl.net wrote:> > After I save and reboot my eth0 is down. > I am not able to browse on my server. > Why ?If you have ADD_SNAT_ALIASES=Yes in /etc/shorewall/shorewall.conf, change it to ADD_SNAT_ALIASES=No. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
On Thu, 30 Dec 2004 18:36:41 +0500, varun_saa@vsnl.net <varun_saa@vsnl.net> wrote:> Hello, > My server is on Mandrake 10.1 off. > eth0 is WAN with static IPstatic VALID IP adress??? or internal private ip adress like 192.168.X.X??? connected 512 DSL> eth1 is LAN. > > My default shorewall settings are : > > Source zone Destination zone Policy Syslog level Traffic limit > > loc net ACCEPT None None > > fw net ACCEPT None None > > net Any DROP info None > > Any Any REJECT info None > > The interface settings are : > > Interface Zone name Broadcast address Options > > eth0 net Automatic dhcp,routefilter,norfc1918,tcpflags > > eth1 loc Automatic tcpflags > > After I save and reboot my eth0 is down. > I am not able to browse on my server. > Why ?> Thanks > > Varun > > _______________________________________________ > Shorewall-users mailing list > Post: Shorewall-users@lists.shorewall.net > Subscribe/Unsubscribe: https://lists.shorewall.net/mailman/listinfo/shorewall-users > Support: http://www.shorewall.net/support.htm > FAQ: http://www.shorewall.net/FAQ.htm >
----- Original Message ----- From: Cristian Rodriguez <judas.iscariote@gmail.com> Date: Friday, December 31, 2004 1:09 am Subject: Re: [Shorewall-users] shorewall shutting down eth0> On Thu, 30 Dec 2004 18:36:41 +0500, varun_saa@vsnl.net > <varun_saa@vsnl.net> wrote: > > Hello, > > My server is on Mandrake 10.1 off. > > eth0 is WAN with static IP > static VALID IP adress??? or internal private ip adress like > 192.168.X.X??? > > connected 512 DSL > > eth1 is LAN. > > > > My default shorewall settings are : > > > > Source zone Destination zone Policy Syslog level > Traffic limit > > > > loc net ACCEPT None > None > > > > fw net ACCEPT None > None > > > > net Any DROP info > None > > > > Any Any REJECT info > None > > > > The interface settings are : > > > > Interface Zone name Broadcast address Options > > > > eth0 net Automatic > dhcp,routefilter,norfc1918,tcpflags> > > eth1 loc Automatic tcpflags > > > > After I save and reboot my eth0 is down. > > I am not able to browse on my server. > > Why ? > > > > > > Thanks > > > > Varun > > > >A proper static IP give by our ISP.Varun> >
On Sat, 2005-01-01 at 08:49 +0500, varun_saa@vsnl.net wrote:> > Varun > > > >I''ve already responded to your original post and so far you have chosen to ignore my response. If you want my help, please don''t ignore me when I offer suggestions. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
----- Original Message ----- From: Tom Eastep <teastep@shorewall.net> Date: Saturday, January 1, 2005 10:55 pm Subject: Re: [Shorewall-users] shorewall shutting down eth0> On Sat, 2005-01-01 at 08:49 +0500, varun_saa@vsnl.net wrote: > > > > > Varun > > > > > > > > I''ve already responded to your original post and so far you have > chosento ignore my response. If you want my help, please don''t > ignore me when > I offer suggestions. > > -Tom > -- > Tom Eastep \ Nothing is foolproof to a sufficiently talented fool > Shoreline, \ http://shorewall.net > Washington USA \ teastep@shorewall.net > PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key > >Hello Tom, Happy New Year. No you got me totally wrong. I have noted your reply and will apply it and come back to you. I was a little busy with our wi-fi network. Thanks Varun
----- Original Message ----- From: Tom Eastep <teastep@shorewall.net> Date: Saturday, January 1, 2005 10:55 pm Subject: Re: [Shorewall-users] shorewall shutting down eth0> On Sat, 2005-01-01 at 08:49 +0500, varun_saa@vsnl.net wrote: > > > > > Varun > > > > > > > > I''ve already responded to your original post and so far you have > chosento ignore my response. If you want my help, please don''t > ignore me when > I offer suggestions. > > -Tom > -- > Tom Eastep \ Nothing is foolproof to a sufficiently talented fool > Shoreline, \ http://shorewall.net > Washington USA \ teastep@shorewall.net > PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key > > > Hello Tom,I have looked into your reply. But that is not the problem. Thanks Varun
----- Original Message ----- From: Patrick Benson <benson@chello.se> Date: Thursday, December 30, 2004 7:58 pm Subject: Re: [Shorewall-users] shorewall shutting down eth0> varun_saa@vsnl.net wrote: > > > > Hello, > > My server is on Mandrake 10.1 off. > > eth0 is WAN with static IP connected 512 DSL > > eth1 is LAN. > > > > My default shorewall settings are : > > > > Source zone Destination zone Policy Syslog level > Traffic limit > > > > loc net ACCEPT None > None > > > > fw net ACCEPT None > None > > > > net Any DROP info > None > > > > Any Any REJECT info > None > > > > The interface settings are : > > > > Interface Zone name Broadcast address Options > > > > eth0 net Automatic > dhcp,routefilter,norfc1918,tcpflags> > > eth1 loc Automatic tcpflags > > > > After I save and reboot my eth0 is down. > > I am not able to browse on my server. > > Why ? > > It could be a number of things, one of them being that you state that > your WAN interface is a static ip connected by DSL yet your eth0 > interface has the dhcp option set, usually used by those who have > cablemodems who receive their ip''s through a DHCP server. See if > you can find > some more gotcha''s: > > http://www.shorewall.net/troubleshoot.htm > > > -- > Patrick Benson > Stockholm, Sweden > > > -- > Yes I have a proper static IP given by the ISP.I have removed the dhcp option. Still the problem persists. Varun
On Sun, 2005-01-02 at 20:19 +0500, varun_saa@vsnl.net wrote:> > > > Hello Tom, > I have looked into your reply. > But that is not the problem.Okay. Does "shorewall restart" take down eth0? If so, please send a trace: shorewall trace restart 2> /tmp/trace and forward the /tmp/trace file. Thanks, -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key