zansatsu
-
Posts
16 -
Joined
-
Last visited
Content Type
Profiles
Forums
Events
Posts posted by zansatsu
-
-
I think I was premature in my celebration. I'm back to square one. no ping from linux to my windows machine and the two computers no longer see each other. I'm half tempted to completely delete my current iptable configuration and start from scratch. Suggestions?
-
still unable to ping my windows machine from linux and there is no firewall on my windows machine. =(
-
Good stuff it worked like a charm! Not only is ICS working but both machines can see each other. Now if I can get samba to function properly I will be in business. Thank you for your help. You are a linux guru.
-
Ok will do.
-
iptables -I INPUT 2 -i eth0 -s 192.168.1.0/24 -j ACCEPT iptables: Index of insertion too big
Apparently iptables didn't like that.
-
Here's iptables -nvL:
[root@aazwin2kmdk10 alex]# iptables -nvL Chain INPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 2 80 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 0 0 DROP !icmp -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID 88 37850 eth1_in all -- eth1 * 0.0.0.0/0 0.0.0.0/0 10 1220 eth0_in all -- eth0 * 0.0.0.0/0 0.0.0.0/0 0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:INPUT:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy DROP 1 packets, 48 bytes) pkts bytes target prot opt in out source destination 0 0 DROP !icmp -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID 3 370 eth1_fwd all -- eth1 * 0.0.0.0/0 0.0.0.0/0 3 189 eth0_fwd all -- eth0 * 0.0.0.0/0 0.0.0.0/0 0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:FORWARD:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 2 80 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0 0 0 DROP !icmp -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID 90 47205 fw2net all -- * eth1 0.0.0.0/0 0.0.0.0/0 12 1867 all2all all -- * eth0 0.0.0.0/0 0.0.0.0/0 0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:OUTPUT:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain Drop (1 references) pkts bytes target prot opt in out source destination 4 989 RejectAuth all -- * * 0.0.0.0/0 0.0.0.0/0 4 989 dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DropSMB all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DropUPnP all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 dropNonSyn all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DropDNSrep all -- * * 0.0.0.0/0 0.0.0.0/0 Chain DropDNSrep (2 references) pkts bytes target prot opt in out source destination 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:53 Chain DropSMB (1 references) pkts bytes target prot opt in out source destination 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:135 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:137:139 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:445 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:135 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:139 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445 Chain DropUPnP (2 references) pkts bytes target prot opt in out source destination 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1900 Chain Reject (4 references) pkts bytes target prot opt in out source destination 2 120 RejectAuth all -- * * 0.0.0.0/0 0.0.0.0/0 2 120 dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0 2 120 RejectSMB all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DropUPnP all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 dropNonSyn all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DropDNSrep all -- * * 0.0.0.0/0 0.0.0.0/0 Chain RejectAuth (2 references) pkts bytes target prot opt in out source destination 0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 Chain RejectSMB (1 references) pkts bytes target prot opt in out source destination 0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:135 0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:137:139 0 0 reject udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:445 0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:135 1 60 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:139 1 60 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445 Chain all2all (2 references) pkts bytes target prot opt in out source destination 10 1747 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 2 120 Reject all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:all2all:REJECT:' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain dropBcast (2 references) pkts bytes target prot opt in out source destination 4 989 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = multicast Chain dropNonSyn (2 references) pkts bytes target prot opt in out source destination 0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x16/0x02 Chain dynamic (4 references) pkts bytes target prot opt in out source destination Chain eth0_fwd (1 references) pkts bytes target prot opt in out source destination 2 143 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW 3 189 loc2net all -- * eth1 0.0.0.0/0 0.0.0.0/0 Chain eth0_in (1 references) pkts bytes target prot opt in out source destination 2 96 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW 10 1220 loc2fw all -- * * 0.0.0.0/0 0.0.0.0/0 Chain eth1_fwd (1 references) pkts bytes target prot opt in out source destination 0 0 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW 3 370 net2all all -- * eth0 0.0.0.0/0 0.0.0.0/0 Chain eth1_in (1 references) pkts bytes target prot opt in out source destination 4 989 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW 88 37850 net2fw all -- * * 0.0.0.0/0 0.0.0.0/0 Chain fw2net (1 references) pkts bytes target prot opt in out source destination 81 46654 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 6 360 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 3 191 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain icmpdef (0 references) pkts bytes target prot opt in out source destination Chain loc2fw (1 references) pkts bytes target prot opt in out source destination 8 1124 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 4443,137 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 4443,137 2 96 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3128 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3128 0 0 all2all all -- * * 0.0.0.0/0 0.0.0.0/0 Chain loc2net (1 references) pkts bytes target prot opt in out source destination 1 46 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 2 143 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain net2all (2 references) pkts bytes target prot opt in out source destination 3 370 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 4 989 Drop all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:net2all:DROP:' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain net2fw (1 references) pkts bytes target prot opt in out source destination 84 36861 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 4443,137 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 4443,137 4 989 net2all all -- * * 0.0.0.0/0 0.0.0.0/0 Chain reject (11 references) pkts bytes target prot opt in out source destination 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 PKTTYPE = multicast 0 0 DROP all -- * * 131.96.229.191 0.0.0.0/0 0 0 DROP all -- * * 192.168.1.255 0.0.0.0/0 0 0 DROP all -- * * 255.255.255.255 0.0.0.0/0 0 0 DROP all -- * * 224.0.0.0/4 0.0.0.0/0 2 120 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset 0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable 0 0 REJECT icmp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-unreachable 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited Chain shorewall (0 references) pkts bytes target prot opt in out source destination Chain smurfs (0 references) pkts bytes target prot opt in out source destination 0 0 LOG all -- * * 131.96.229.191 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:' 0 0 DROP all -- * * 131.96.229.191 0.0.0.0/0 0 0 LOG all -- * * 192.168.1.255 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:' 0 0 DROP all -- * * 192.168.1.255 0.0.0.0/0 0 0 LOG all -- * * 255.255.255.255 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:' 0 0 DROP all -- * * 255.255.255.255 0.0.0.0/0 0 0 LOG all -- * * 224.0.0.0/4 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:smurfs:DROP:' 0 0 DROP all -- * * 224.0.0.0/4 0.0.0.0/0
-
Have a look at my howto here:
You may need to install iptables first (urpmi iptables).
You cannot 'just stop' the firewall, as shorewall (or other firewall, including custom rule sets) just set the netfilter rules, then exit. So you need to clear the rules and set the defaults for 'allow'. This is obviously not recommended for a running environment - just for testing.
Chris
Holy cow, LinNeighborhood can now see my win2k machine after lowering my firewall. But I just lost internet connection sharing. Progress though....
-
Here's my iptables -L output:
[root@aazwin2kmdk10 alex]# iptables -L Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere DROP !icmp -- anywhere anywhere state INVALID eth1_in all -- anywhere anywhere eth0_in all -- anywhere anywhere Reject all -- anywhere anywhere LOG all -- anywhere anywhere LOG level info prefix `Shorewall:INPUT:REJECT:' reject all -- anywhere anywhere Chain FORWARD (policy DROP) target prot opt source destination DROP !icmp -- anywhere anywhere state INVALID eth1_fwd all -- anywhere anywhere eth0_fwd all -- anywhere anywhere Reject all -- anywhere anywhere LOG all -- anywhere anywhere LOG level info prefix `Shorewall:FORWARD:REJECT:' reject all -- anywhere anywhere Chain OUTPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere DROP !icmp -- anywhere anywhere state INVALID fw2net all -- anywhere anywhere all2all all -- anywhere anywhere Reject all -- anywhere anywhere LOG all -- anywhere anywhere LOG level info prefix `Shorewall:OUTPUT:REJECT:' reject all -- anywhere anywhere Chain Drop (1 references) target prot opt source destination RejectAuth all -- anywhere anywhere dropBcast all -- anywhere anywhere DropSMB all -- anywhere anywhere DropUPnP all -- anywhere anywhere dropNonSyn all -- anywhere anywhere DropDNSrep all -- anywhere anywhere Chain DropDNSrep (2 references) target prot opt source destination DROP udp -- anywhere anywhere udp spt:domain Chain DropSMB (1 references) target prot opt source destination DROP udp -- anywhere anywhere udp dpt:135 DROP udp -- anywhere anywhere udp dpts:netbios-ns:netbios-ssn DROP udp -- anywhere anywhere udp dpt:microsoft-ds DROP tcp -- anywhere anywhere tcp dpt:135 DROP tcp -- anywhere anywhere tcp dpt:netbios-ssn DROP tcp -- anywhere anywhere tcp dpt:microsoft-ds Chain DropUPnP (2 references) target prot opt source destination DROP udp -- anywhere anywhere udp dpt:1900 Chain Reject (4 references) target prot opt source destination RejectAuth all -- anywhere anywhere dropBcast all -- anywhere anywhere RejectSMB all -- anywhere anywhere DropUPnP all -- anywhere anywhere dropNonSyn all -- anywhere anywhere DropDNSrep all -- anywhere anywhere Chain RejectAuth (2 references) target prot opt source destination reject tcp -- anywhere anywhere tcp dpt:auth Chain RejectSMB (1 references) target prot opt source destination reject udp -- anywhere anywhere udp dpt:135 reject udp -- anywhere anywhere udp dpts:netbios-ns:netbios-ssn reject udp -- anywhere anywhere udp dpt:microsoft-ds reject tcp -- anywhere anywhere tcp dpt:135 reject tcp -- anywhere anywhere tcp dpt:netbios-ssn reject tcp -- anywhere anywhere tcp dpt:microsoft-ds Chain all2all (2 references) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED Reject all -- anywhere anywhere LOG all -- anywhere anywhere LOG level info prefix `Shorewall:all2all:REJECT:' reject all -- anywhere anywhere Chain dropBcast (2 references) target prot opt source destination DROP all -- anywhere anywhere PKTTYPE = broadcast DROP all -- anywhere anywhere PKTTYPE = multicast Chain dropNonSyn (2 references) target prot opt source destination DROP tcp -- anywhere anywhere tcp flags:!SYN,RST,ACK/SYN Chain dynamic (4 references) target prot opt source destination Chain eth0_fwd (1 references) target prot opt source destination dynamic all -- anywhere anywhere state NEW loc2net all -- anywhere anywhere Chain eth0_in (1 references) target prot opt source destination dynamic all -- anywhere anywhere state NEW loc2fw all -- anywhere anywhere Chain eth1_fwd (1 references) target prot opt source destination dynamic all -- anywhere anywhere state NEW net2all all -- anywhere anywhere Chain eth1_in (1 references) target prot opt source destination dynamic all -- anywhere anywhere state NEW net2fw all -- anywhere anywhere Chain fw2net (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere tcp dpt:http ACCEPT all -- anywhere anywhere Chain icmpdef (0 references) target prot opt source destination Chain loc2fw (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT udp -- anywhere anywhere multiport dports 4443,netbios-ns ACCEPT tcp -- anywhere anywhere multiport dports 4443,netbios-ns ACCEPT tcp -- anywhere anywhere tcp dpt:squid all2all all -- anywhere anywhere Chain loc2net (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere Chain net2all (2 references) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED Drop all -- anywhere anywhere LOG all -- anywhere anywhere LOG level info prefix `Shorewall:net2all:DROP:' DROP all -- anywhere anywhere Chain net2fw (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT udp -- anywhere anywhere multiport dports 4443,netbios-ns ACCEPT tcp -- anywhere anywhere multiport dports 4443,netbios-ns net2all all -- anywhere anywhere Chain reject (11 references) target prot opt source destination DROP all -- anywhere anywhere PKTTYPE = broadcast DROP all -- anywhere anywhere PKTTYPE = multicast DROP all -- 131.96.229.191 anywhere DROP all -- 192.168.1.255 anywhere DROP all -- 255.255.255.255 anywhere DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere REJECT tcp -- anywhere anywhere reject-with tcp-reset REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable REJECT icmp -- anywhere anywhere reject-with icmp-host-unreachable REJECT all -- anywhere anywhere reject-with icmp-host-prohibited Chain shorewall (0 references) target prot opt source destination Chain smurfs (0 references) target prot opt source destination LOG all -- 131.96.229.191 anywhere LOG level info prefix `Shorewall:smurfs:DROP:' DROP all -- 131.96.229.191 anywhere LOG all -- 192.168.1.255 anywhere LOG level info prefix `Shorewall:smurfs:DROP:' DROP all -- 192.168.1.255 anywhere LOG all -- 255.255.255.255 anywhere LOG level info prefix `Shorewall:smurfs:DROP:' DROP all -- 255.255.255.255 anywhere LOG all -- BASE-ADDRESS.MCAST.NET/4 anywhere LOG level info prefix `Shorewall:smurfs:DROP:' DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere
-
Yeah.... mcc doesn't seem to be disabling the firewall when I tell it to allow everything. What process do I kill/disable? Sorry if these are obvious questions, I'm still a noob when it comes to the subtleties of linux networking.
-
Can you ping the linux box from windows ok? If you can isolate the machine from the web for a while it might be worth turning shorewall (or any other firewalling) off just to make sure it isn't simply the packets necessary for the sharing being dumped.
I didn't even think about that. I can ping my linux box at 127.0.0.1 and it responds. What's the easiest way to disable the firewall?
-
Okie dokie. I decided to give you my processes so you can see what I have running (samba, squid, etc.) Yes QChem your assumption is correct. I have 2 nics on my linux box which is connected to the internet. I used the ICS applet in MCC to enable internet connection sharing and from the process list below, I apparently have dhcpd running.
[root@aazwin2kmdk10 alex]# ps -A PID TTY TIME CMD 1 ? 00:00:03 init 2 ? 00:00:00 migration/0 3 ? 00:00:00 ksoftirqd/0 4 ? 00:00:00 events/0 5 ? 00:00:00 kblockd/0 6 ? 00:00:00 pdflush 7 ? 00:00:00 pdflush 8 ? 00:00:00 kswapd0 9 ? 00:00:00 aio/0 11 ? 00:00:00 kseriod 15 ? 00:00:00 kjournald 129 ? 00:00:00 devfsd 219 ? 00:00:00 khubd 385 ? 00:00:00 khpsbpkt 398 ? 00:00:00 knodemgrd_0 538 ? 00:00:00 kjournald 1072 ? 00:00:00 sensord 1352 ? 00:00:01 ifplugd 1417 ? 00:00:00 dhclient 3021 ? 00:00:00 portmap 3035 ? 00:00:00 syslogd 3043 ? 00:00:00 klogd 3082 ? 00:00:00 rpc.statd 3445 ? 00:00:00 xfs 3486 ? 00:00:00 atd 3501 ? 00:00:00 acpid 3517 ? 00:00:00 named 3553 ? 00:00:00 xinetd 3578 ? 00:00:00 ptal-mlcd 3580 ? 00:00:00 ptal-printd 3592 ? 00:00:00 chronyd 3627 ? 00:00:00 cupsd 3806 ? 00:00:00 dhcpd 3899 ? 00:00:00 crond 3929 ? 00:00:00 squid 3931 ? 00:00:04 squid 3942 ? 00:00:00 unlinkd 3943 ? 00:00:00 diskd 3944 ? 00:00:00 smbd 3954 ? 00:00:00 nmbd 3977 ? 00:00:00 smbd 4027 ? 00:00:00 login 4028 tty2 00:00:00 mingetty 4029 tty3 00:00:00 mingetty 4030 tty4 00:00:00 mingetty 4031 tty5 00:00:00 mingetty 4032 tty6 00:00:00 mingetty 4245 tty1 00:00:00 bash 4284 tty1 00:00:00 startx 4296 tty1 00:00:00 xinit 4297 ? 00:09:57 X 4306 tty1 00:00:00 startkde 4353 tty1 00:00:13 magicdev 4367 tty1 00:00:00 gconfd-2 4370 ? 00:00:00 kdeinit 4373 ? 00:00:00 kdeinit 4375 ? 00:00:00 kdeinit 4378 ? 00:00:01 kdeinit 4379 ? 00:00:02 fam 4393 ? 00:00:14 artsd 4404 ? 00:00:02 kdeinit 4405 tty1 00:00:00 kwrapper 4407 ? 00:00:00 kdeinit 4408 ? 00:00:27 kdeinit 4410 ? 00:00:15 kdeinit 4413 ? 00:00:17 kdeinit 4417 ? 00:00:09 xscreensaver 4424 ? 00:00:20 kdeinit 4428 ? 00:00:09 kdeinit 4430 ? 00:00:00 kdeinit 4445 ? 00:00:06 korgac 4486 ? 00:00:00 kdeinit 4610 ? 00:00:08 kdeinit 4685 ? 00:00:00 kdesud 7563 ? 00:00:00 firefox 7574 ? 00:00:00 run-mozilla.sh 7579 ? 00:10:47 firefox-bin 7597 ? 00:00:00 java_vm 7814 ? 00:00:00 kdeinit 14619 ? 00:00:01 kdeinit 14620 pts0 00:00:00 bash 14780 ? 00:00:16 kdeinit 14781 pts1 00:00:00 bash 14897 pts1 00:00:00 su 14900 pts1 00:00:00 bash 14933 pts1 00:00:00 ps
Here is the route -n output, of which I have no clue how to interpret.
[root@aazwin2kmdk10 alex]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 131.96.229.128 0.0.0.0 255.255.255.192 U 0 0 0 eth1 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 131.96.229.129 0.0.0.0 UG 0 0 0 eth1
I really appreciate everyone's help. This problem has frustrated me for a while and I feel better knowing that you guys are on it. Thanx.
Alex
-
Ok, sorry if I've confused you :D
Taking things in small steps (so I don't confuse myself!!), does the linux box have a working internet connection? Can you ping the windows machine, and can you ping outside servers - such as google?
Yes my mandy box has an internet connection, Yes I can ping google, and no I can't ping my win2k machine.
[alex@aazwin2kmdk10 alex]$ ping www.google.com PING www.l.google.com (64.233.187.99) 56(84) bytes of data. 64 bytes from 64.233.187.99: icmp_seq=1 ttl=240 time=29.9 ms 64 bytes from 64.233.187.99: icmp_seq=2 ttl=240 time=29.9 ms 64 bytes from 64.233.187.99: icmp_seq=3 ttl=240 time=30.5 ms 64 bytes from 64.233.187.99: icmp_seq=4 ttl=240 time=30.0 ms 64 bytes from 64.233.187.99: icmp_seq=5 ttl=240 time=29.8 ms 64 bytes from 64.233.187.99: icmp_seq=6 ttl=240 time=30.0 ms 64 bytes from 64.233.187.99: icmp_seq=7 ttl=240 time=29.8 ms 64 bytes from 64.233.187.99: icmp_seq=8 ttl=240 time=29.9 ms 64 bytes from 64.233.187.99: icmp_seq=9 ttl=240 time=30.1 ms 64 bytes from 64.233.187.99: icmp_seq=10 ttl=240 time=29.7 ms 64 bytes from 64.233.187.99: icmp_seq=11 ttl=240 time=30.0 ms 64 bytes from 64.233.187.99: icmp_seq=12 ttl=240 time=30.1 ms 64 bytes from 64.233.187.99: icmp_seq=13 ttl=240 time=30.1 ms 64 bytes from 64.233.187.99: icmp_seq=14 ttl=240 time=30.5 ms --- www.l.google.com ping statistics --- 14 packets transmitted, 14 received, 0% packet loss, time 13008ms rtt min/avg/max/mdev = 29.758/30.072/30.560/0.237 ms
[alex@aazwin2kmdk10 alex]$ ping 192.168.1.250 PING 192.168.1.250 (192.168.1.250) 56(84) bytes of data. From 192.168.1.1 icmp_seq=1 Destination Host Unreachable From 192.168.1.1 icmp_seq=1 Destination Host Unreachable From 192.168.1.1 icmp_seq=1 Destination Host Unreachable From 192.168.1.1 icmp_seq=1 Destination Host Unreachable From 192.168.1.1 icmp_seq=1 Destination Host Unreachable From 192.168.1.1 icmp_seq=1 Destination Host Unreachable ping: sendmsg: Operation not permitted From 192.168.1.1 icmp_seq=2 Destination Host Unreachable ping: sendmsg: Operation not permitted From 192.168.1.1 icmp_seq=3 Destination Host Unreachable ping: sendmsg: Operation not permitted From 192.168.1.1 icmp_seq=4 Destination Host Unreachable ping: sendmsg: Operation not permitted From 192.168.1.1 icmp_seq=5 Destination Host Unreachable ping: sendmsg: Operation not permitted --- 192.168.1.250 ping statistics --- 5 packets transmitted, 0 received, +10 errors, 100% packet loss, time 4059ms
NOTE: The address I'm pinging is the address that my Win2k machines lease is on according to ms ipconfig.
-
I appreciate your quick response but that puts me back at square one. I've tried reading through the documents for samba but there are so many parameters that I don't know what controls what. Maybe you could tell me what I should focus on? And I have used Mandrake Control Center extensively, but it does not give me the control I want over iptables and shorewall. I also get the feeling that it isn't properly configuring everything, otherwise I wouldn't have this problem.
Also, LinNeighborhood gives me this error when I tried to probe the address where my Win2k machine is.
Packet send failed to 192.168.1.255(137) ERRNO=Operation not permitted Domain=[LINUSROX] OS=[Unix] Server=[Samba 3.0.10] Packet send failed to 192.168.1.255(137) ERRNO=Operation not permitted Domain=[LINUSROX] OS=[Unix] Server=[Samba 3.0.10]
If that helps.
-
What configuration have you attempted with samba? Have you tried using the tools in mcc, or failing that swat?
To be honest, I know very little about samba and I have not tried mcc or swat.
-
Hi all. I have been all over this forum looking for an answer and I don't think anyone has addressed it directly. I'm running MDK 10.0 Official on one machine which is acting as a gateway for a Windows 2000 machine. Ever since the initial MDK10 install, I have been unable to read Windows shares from my Linux box and vice versa. I've even tried ping from my mandy box but it just gives a series of errors. Likewise, Windows knows it has an internet connection, but it doesn't see my linux box. I have samba installed, and unfortunately samba setup is a little mindboggling for me. I don't even know if it is samba's fault or squid's or shorewall's or what. All I know is that I can't share and it's just recently become important as I've begun using both machines for video editing.
Here's ifconfigs output:
eth0 Link encap:Ethernet HWaddr 00:10:DC:23:C7:97 inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::210:dcff:fe23:c797/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:51348 errors:0 dropped:0 overruns:0 frame:0 TX packets:37039 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:65524663 (62.4 Mb) TX bytes:2400624 (2.2 Mb) Interrupt:5 Base address:0x6000 eth1 Link encap:Ethernet HWaddr 00:01:02:6E:51:6C inet addr:131.96.229.142 Bcast:131.96.229.191 Mask:255.255.255.192 inet6 addr: fe80::201:2ff:fe6e:516c/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:81437 errors:0 dropped:0 overruns:4 frame:0 TX packets:74806 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:42456112 (40.4 Mb) TX bytes:68360201 (65.1 Mb) Interrupt:11 Base address:0xc400 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:6493 errors:0 dropped:0 overruns:0 frame:0 TX packets:6493 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:329254 (321.5 Kb) TX bytes:329254 (321.5 Kb)
Please let me know if you need more info. Again, if this issue has been addressed, if someone could point me in the right direction, I'd appreciate it. Thanx for your time.
Alex
ICS Enabled but can't share
in Networking
Posted · Edited by zansatsu
Thank you for the script... however it did not work for me. The only time I have any sort of smb access is when my gateway is completely naked to the world. I've been studying several howtos on iptables, but I'm still not confident enough to tackle it completely. When I've learned enough, I think I will begin to set it up.
I'm always open to further suggestions and again thanks to everyone for your help. This is why I love linux, the people are so nice here. =)
Alex