Displaying 20 results from an estimated 30000 matches similar to: "Getting past "net unreachable" message(s)"
2005 Oct 23
6
configuring DNS
Hello
I have DSL 2000 (2048 kbit/s download and 256 kbit/s upload)
I have ping to fast sites very high:
64 bytes from w2.rc.vip.scd.yahoo.com (66.94.234.13): icmp_seq=3 ttl=50 time=2185 ms
64 bytes from w2.rc.vip.scd.yahoo.com (66.94.234.13): icmp_seq=4 ttl=50 time=1983 ms
64 bytes from w2.rc.vip.scd.yahoo.com (66.94.234.13): icmp_seq=5 ttl=50 time=1826 ms
and I know why. I have 2 interfaces:
2005 Sep 18
4
Just a simple question (I think)
Hi all,
How do I put a rule in to allow all ports on a single IP..
I''m not masq my network as the firewall is on the router.
I have another firewall internally that I will be removing sometime soon,
but just wish to forward all ports to this firewall (until I can
decommission it).
3: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether
2005 May 30
2
Proxy ARP working from Internet but not from fw and loc
Hello everybody.
I could not find an answer to my problem in the archive. (But that may just
be me :-) )
I have a problem with proxy arp and connection from loc (localnet) and from
the firewall.
Works fine from internet to dmz / proxy arp and vise versa.
I have a feeling the solution is simple, but I''m no guru in Linux routing
etc.
The problem seems to be the routing setup.
loc -
2008 Sep 19
8
bridge + arp
Hi,
this is propably bridge related and not really a xen problem, but it
might help someone:
Some of our domUs are not able to arp. Arp -n show (incomplete), and
doing a tcpdump shows, that on the dom0''s eth0 the arp request goes out,
the response comes in, but on the vifX.0 interface the arp response is
gone.
dom0# tcpdump -ni eth0
arp who-has 10.32.2.51 tell 10.32.7.70
arp reply
2005 Apr 03
3
Problem with fresh two nic installation on FC3
Hi,
I''m having problems with new Shorewall installation on Fedora Core 3 (had
same problem with Core 2 and upgrade did not help even iptables was
upgraded from 1.2.9 to 1.2.11). I''ve followed two nic example, but
starting Shorewall drops all connections and don''t permit any outgoing
requests, even with "all allowed" policy. Policy file is below. Current
setup
2007 Jun 25
1
Ping dom0 <-> domU result in "Destination host unreachable"
Hi folks,
I read quite some posts about "Destination host unreachable" problems
before, but none could help me to solve my issue. So here we go:
This is what I am using:
SUSE Linux Enterprise Desktop 10 SP1 - Current with all updates
Network configuration of my dom0:
foobar:~ # ip a
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd
2005 Apr 10
28
dumb, dumb question
I''m very new to shorewall. My setup is IP Gateway (CentOS 4 + Shorewall)
with 3 NIC cards.
Shorewall works great on the firewall machine. Bind also works (local
net machines get IPs fine). Under firestarter, all works great.
With shorewall, the loc machines can not route past the firewall. They
can connect to the firewall, but not past it.
Exactly what information should I post to get
2020 Sep 06
2
debian 10, vm cant connect to the host bridge
This is my system info:
Debian Release: 10.5
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 5.4.60-1-pve (SMP w/16 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh
2004 May 17
3
Yikes! Routing issues!
We switched over from a bordermanager firewall to a shorewall firewall.
Some stuff is not working now.
I realized that I had not created the route for the network that is not
working however once I created it, it still didn''t work.
Most of our network is fine however some pieces are not working.
[Net] - [Shorewall] - [LAN] - [Cisco] - [Clients and servers not
working]
The firewall
2005 Jan 09
22
Dmz
Hello Tom,
I am not sure if you can help with this but I am at my wits end.
If you hit this site and do a force refresh (ctrl + F5) the site will time
out
and lose connections.
Do the same on port 443 and it does not time out???
The web site I am reffering to is www.tituswill.com
I think the only problem is port 80.
Do you have any idea how to diagnose this I have sent a dump
of just
2005 Mar 01
3
Problem with multiple ISP''s
I have a setup with two Internet providers. One circuit (net0 == eth1) is
used primarily for employees and tunnels to other sites. The other (net1 ==
eth2) is for the production machines that customers access. Everythung works
in teh sense that packets get to where they are sent (mostly) but I recently
I had a sniffer on the system and noticed a problem I cannot solve. traffic
coming in
2007 Jun 21
5
GRE tunnel
I am trying to setup GRE between two CentOS 4.5 boxes. I have tried
several variations of what''s listed below, but none of them work.
box1:
modprobe ip_gre
ip link set gre0 up
ip tunnel add gretun mode gre local 66.1.1.161 remote 66.1.2.161 ttl 20 dev
eth0
ip addr add dev gretun 10.253.253.1 peer 10.253.253.2/24
ip link set dev gretun up
ip route add 10.2.0.0/16 via 10.253.253.2
box2:
2004 Dec 06
12
Interface Configuration
Hello,
You may recall some of My Dmz question around Thanksgiving.
While I have configured a Proxy arp Dmz. I would like to practice
with the routed setup you suggested Tom as your network was
simular.
Here is one of your quotes "The configuration of eth2 is largely
irrelevant but you certainly don''t
want to confuse things by assigning any default gateway out of that
2012 May 16
1
ARP requests are interpreted as a martian
Shorewall 4.5.1.1
I have 5 interfaces on a centos box, the first two are internal on two
different subnets, the next two are two different ISP''s and the last one
is a private network for testing and administration. The second internal
subnet (eth1) is rejecting all the arp requests to it and I get the
following in the log files ever second or two -
May 16 05:28:54 services kernel:
2004 Sep 15
15
re: start error
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The original post was over 300,000kb so I didn''t spam the list with it -TE.
|
|
| Thank you for your quick and helpful response.
|
| I didn''t understand that the virtual interface eth0:1 doesn''t count as
a separate instance from eth0.
| I am sorry to ask for further assistance and would appreciate any
help. The error
2005 Jun 02
3
Net > DMZ > AllowFTP
Lables:
Gateway = 209.5.171.65
Netmask = 255.255.255.192
Eth0 = net = 209.5.171.66
Eth1 = loc = 192.168.0.1
There is no NAT clients, in essence loc is dmz. I can rename loc to dmz
if that helps. Proxy/ARP is used for IP addresses 209.5.171.67-126
Problem:
Using the Shorewall Action AllowFTP does not result in desired behavior
when connecting from Internet to machines behind firewall in DMZ. From
2018 Dec 16
3
macvtap and tagged VLANs to the VM
Hi,
I would like to run a network firewall as a VM on a KVM host. There are
~ 25 VLANs delivered to the KVM host on three dedicated links, no LACP
or other things. I have the VLANs 100-180 on the host's enp1s0, the VLANs
200-280 on the host's enp2s0 and the VLANs 300-380 on the host's enp3s0.
To save myself from configuring all VLANs on the KVM host, I'd like to
hand the entire
2005 Mar 26
11
Do i need a proxy??
Goodday,
First my network layout:
dsl router (10.0.0.99)
|
server (eth0 10.0.0.1, eth1 10.0.1.10)
|
3 times windows machine (10.0.1.2, 10.0.1.3, 10.0.1.4)
(all with proxy settings 10.0.1.10:8080)
Now on the server is mandrake 10 installed with shorewall as firewall.
And a apache webserver (and no ftp server).
When i turned internet sharing on it started squid which added a line in the
2005 Apr 22
4
I have a problem similar to FAQ 2 scenario, but reply packets don''t seem to be recognized.
Hello,
I am running Shorewall 2.0.2f, on SuSE 9.2 distro, kernel
2.6.8-24.11-default
My ip addr show output is as follows:
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:
2006 Jul 20
2
GRE over IPsec Cisco<-> Linux
Hello Lartc Mailing List:
Been working on something the last week and a half and ALMOST have it
working.., just need a few pointers from the wizards on this mailing list to
nail it.
Ok, my setup is a hub and spoke arrangement, hub is Cisco 2821 with IOS 12.4.
Spokes are ruggencom RX1000 routers, Debian based with the following versions
installed:
rx1000test:~# uname -a
Linux rx1000test