streeter

Good Morning! Actually wrong - sorry tired... Don't worry too much about switched/non switched ports (as in network switching) these are ordinary LAN ports. The uplink ports are for daisy chaining hubs and switches together. A normal LAN port on the hub must be plugged into the uplink port on the router (or the other way round, it doesn't matter) with a normal straight through cable for this to work. All an uplink port does is simulate a crossover cable - this is why it usually disables the port next to it - it is in fact the same port with some wires reversed. To eliminate the fixed cable running downstairs, position the router right next to the PCs. Unless you have a cable tester or it's only the windows machine upstairs (which works). The router doesn't need to be connected to the net to connect the 2 PCs. Probably shouldn't say it because you sound pretty clued up about networking, but I assume you set the IP address etc. on the router after the reset - the default is 192.168.1.1. Running out of ideas Chris

I go with the evil NIC theory :) I know what you mean, but strange coincidences do happen - I went to a customer that bought a new USB printer the other day and swore blind it made his PS2 keyboard go wrong - coincidence. An ordinary LAN socket on the router should be connected to an ordinary LAN socket on the hub for it to work. I notice in the manual that port 4 of the router becomes inactive if the uplink is used - worth checking... Running out of ideas - perhaps it might be worth resetting the router (after saving the settings) I'm off to bed now - my brain hurts. Chris

The Linux NIC and networking seem to be fine - look to the router The router must be ignoring the Linux box - has it a setting to only allow certain MAC addresses perhaps?? My Belkin certainly does. Maybe it is worth noting down/saving the router settings and then resetting it What is the make/model of the router (somebody else may have knowledge of it) The hub should be connected to the router through a normal socket, not the uplink socket, else it won't work. You won't see anything with a packet sniffer on another machine if the router ports are switched - use the hub

Hi again No firewall rules is good news for connectivity. Perhaps we should start out troubleshooting right from the beginning, even though you may have already done all the things below, weird things happen... Can you ping Linux from Windows? Turn off or unplug the Windows box and leave it off/unplugged while testing. Replace the cable from the Linux box to the router with the one from Windows. By the way, are they directly connected with a patch lead - i.e sitting next to each other, or is there further cabling to go faulty? Restart the router. Wait a couple of minutes for the lights to settle down. Reboot the Linux box Try pinging the router Post output of route -n Make sure there is a valid IP address in the output of ifconfig eth0 That will do for now... Chris

Depends what you have in there :) If it's working, I should leave it alone. hava a look in the sticky thread for further explanation. I am working on updating/extending my pages there - will post the new addresses when finished... Chris

Have a look at my reply to this thread: http://mandrakeusers.org/index.php?showtopic=23847 (Just ignore the 'PC 2' bits) May get you going again... Chris

Hi A couple of things to try: Install iptables (urpmi iptables) - you could still have a misconfigured firewall (you don't need iptables installed to have an active firewall, as it's only a frontend). Then send us the results of iptables -nvL Presumably you can ping the router from the Windows box? Have you tried a crossover cable directly from the Linux box to your windows box, and pinging both ways? If the driver/card is faulty (unlikely), you could always put a second NIC in the Linux box and use that one. Looks most likely to be a firewall problem from here though. Chris

Mandrake wizards are not always the best tools, that combined with lack of networking knowledge often causes probs... You can easily set it all up manually with this (should work, doing this from memory/notes): PC 1: Edit /etc/sysconfig/network-scripts/ifcfg-eth0 DEVICE=eth0 BOOTPROTO=static IPADDR=192.168.0.1 NETMASK=255.255.255.0 NETWORK=192.168.0.0 BROADCAST=192.168.0.255 ONBOOT=yes MII_NOT_SUPPORTED=yes PC 2: Edit /etc/sysconfig/network-scripts/ifcfg-eth0 DEVICE=eth0 BOOTPROTO=static IPADDR=192.168.0.2 NETMASK=255.255.255.0 NETWORK=192.168.0.0 BROADCAST=192.168.0.255 ONBOOT=yes MII_NOT_SUPPORTED=yes PCs 1 & 2: /etc/resolv.conf should contain the nameserver address(es) - put the address of your ISPs nameserver right at the top. eg: nameserver 195.20.224.165 nameserver 195.20.224.166 This entry will get overwritten on the dialup machine when it dials up. To get your ISPs nameserver addresses, either check their website or dial up and look in the file. PC 1: /etc/sysconfig/network: HOSTNAME=A_unique_hostname # localhost1.com actually exists on the Internet!!! You MUST choose a unique one, i.e. one that does not end in .com, .net, .co.uk etc... something like 'localhost1.mynetwork' or 'brian' NETWORKING=yes GATEWAY= # this will get sorted out when you dial up. Leave it blank. PC 1: We then need to set up packet forwarding: Put the following command at the beginning of /etc/sysctl.conf net.ipv4.ip_forward=1 PC 1: Install iptables - type "urpmi iptables" as root, or use the package manager in the start menu or mcc Add the following code to the bottom of /etc/rc.d/rc.local. iptables -t nat -D PREROUTING -i eth0 -j loc_dnat iptables -t nat -A POSTROUTING -o ppp0 -s 192.168.0.0/24 -d 0/0 -j MASQUERADE PC 2: /etc/sysconfig/network: HOSTNAME=Another_unique_hostname NETWORKING=yes GATEWAY=192.168.0.1 Both PCs (the files should be the same on both machines - required if you want to access the machines by name): /etc/hosts: 192.168.0.1 A_unique_hostname # the hostname of PC 1 192.168.0.2 Another_unique_hostname # the hostname of PC 2 Then Reboot both PCs (you can restart the network, but quicker to explain this way...) Try it all out: Try pinging your computers NIC (type "ping 192.168.0.1" on PC 1 ) If OK - Try pinging the NIC on PC 2 (type "ping 192.168.0.2" on PC 2) If OK - Try pinging the gateway from PC 2 (type "ping 192.168.0.1" on PC 2) If OK - Try browsing from each machine. If you are still having problems, post the following information in the networking forum: What works, what doesn't? Output of "ifconfig" , "route -n" , "iptables -nvL" and "iptables -nvL -t nat" Summary of the results of all pings above. Good luck! Chris

Hi all After my long absence from this forum, I received a mail telling me my ICS howto doesn't always work... If read in conjunction with this, it may help (or confuse!!) Anyway, for the people asking what these commands do: net.ipv4.ip_forward = 1 Tells the OS to allow the routing of data to another node iptables -P INPUT ACCEPT iptables -P OUTPUT ACCEPT iptables -P FORWARD DROP These 3 lines set the default actions for the firewall - NOTE having a default of ACCEPT for INPUT is NOT a good idea - this means that if any packet is not stopped by your other firewall rules, it drops off the end of your firewall 'rule list' and is then accepted... what if that packet belongs to a cracker??? Set it to DROP. Effectively, these are the last rules in your firewall list. iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT A rule that ACCEPTs 'replies' to your 'requests' (ESTABLISHED,RELATED) that are coming In your external interface (eth0) and going Out through your internal interface (eth1). For instance, if you requested a web page. it allows that page through. iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT This rule ACCEPTs any packet coming in eth1 and going out eth0. i.e. packets being routed from your own network to the internet. iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE This rule performs network address translation (nat or masquerading). Difficult to explain easily and simply, but here goes: Each network node (computer, router etc) must have a different IP address so that they know where to send data, but you only have a single public IP address - the one allocated to you by your ISP. So the router (in this case your Linux box) has to perform NAT - it changes the IP address in the data packets to the public one (it remembers which ones it changes, because each packet has a unique serial number). This allows your ISP to send the reply back to the correct place (your Linux router) where the IP address is then changed back to your private one and routed to the correct PC. Does that make sense? :) Chris

flightcrank: You should really start another thread - having 2 (albeit similar) problems in a single thread may confuse others. You can leave your external interface with dhcp if it works OK. Your internal interface needs to be on another subnet - see the ICS howto for hints, then: The connands can be put at the end of /etc/rc.d/rc.local to make them permanent. If you need further help, please post the output of the commands/contents of files listed at the end of the howto. If we have detail (IP addressing scheme, how the computers are connected, what already works etc) we can give you a more precise answer. Chris

Could try looking in the windows config for a modem init string and entering it in kppp.

You can find the howto here - the link is in the networking sticky posts: http://web.onetel.net.uk/~showerail/ics_setup.html That will set up your Mandrake box. The windows box should then use the mdk box as a gateway, and have your ISPs DNS server IP address in the config. Let us know how you get on! Chris

Have a look at the sticky posts at the top of the networking forum - there is some useful info there, including links to my howto. We also need more info - what kind of connection are you trying to share? dial-up? DSL? cable? Also how are you trying to share? NAT or with a proxy? If you are trying to share using nAT (network address translation) then disabling your firewall will also disable connection sharing... Forget Samba for the minute - you do not need it for sharing an internet connection - Samba is for file sharing. I recommend you set up sharing manually (see the sticky posts - it's really not that difficult, honest). Chris

Just use the wizard to set shorewall up as normal, and put the iptables commands in /etc/rc.d/rc.local - they will add to the netfilter firewall rules after shorewall is started on each boot. Sorry - I don't use shorewall, so don't know the config for it, but bear in mind that all shorewall does is manipulate netfilter then exits - the same as iptables does, but is supposed to be more user friendly. Chris

You need to install the kernel sources.

You should be able to recover it :) Try Typing this as root: echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -I POSTROUTING 1 -o ppp0 -s 192.168.10.0/24 -d 0/0 -j MASQUERADE If it works, put it at the end of /etc/rc.d/rc.local. if you get an error, install iptables (urpmi iptables). You will also have to point the LAN PCs to a valid nameserver. Have you looked at the sticky post at the top of the networking forum? Chris

As you are having problems with the mandrake tools, you may as well set up a static connection - see my howto at : Simple network setup and the sticky post at the top of the network forum - it's meant for 10.0 but should apply equally to 9.2. Chris

Try hashing out the 'nameserver 192.168.0.1' in /etc/resolv.conf - this will force your Linux box to use your ISPs nameserver - presumeably at 205.171.x.x (you should check this address on your ISPs website - BTW you don't need to x.x this one out - it's public) The nameserver will probably be reset when using DHCP, so I would recommend setting up with a static address, as in the howto. To stop a ping, press 'control c' or use ping -c 5 192.168.0.1 (must add this to the howto...) Chris

I posted a Simple network setup link in the sticky post at the top of the networking forum - have a look and let us know how you get on. It's meant for mdk10, but should be the same for your version. Basically, get the settings from the win98 partition - type winipcfg at a DOS command prompt to pull these up. Once you are happy, you should consider upgrading to mdk 10.0, and I would advise using the Linux box as the connection sharing host, rather than windows... Chris

Yes - the linux box can route and/or filter packets between 2 networks - you need to enable IP forwarding and allow forwarding between the 2 networks in the firewall. There are many instances of this kind of thing out there - I route between a wireless AP and satellite router on a hub and wired LAN on a switch for instance. I personally have never used Linux as a bridge though, if it's MAC addresses you are wanting to filter by. You may want to look at a dedicated router/bridging distro (they can fit on a floppy!) rather than Mandrake - depends on what you are trying to achieve. Chris

Have a look in /etc/resolv.conf - is the nameserver set up correctly? Failing that, go through the simple network setup and then get back to us with the output of the commands and contents of the files listed if it is still no better. You could also install a packet sniffer (ethereal is on your install disk) to see what is happening, if you understand a little about networking. chris

First, as you have a router, you don't need PPPoE, so remove it in the software manager. Disable plug and play in your BIOS - this has caused card recognition problems in the past. Assuming tulip is the correct module for this card: We need to make sure your network card module is loaded: lsmod | grep tulip should give you output something like "tulip 14380 1 (autoclean)". The exact output is not important - just as long as you get some output - no output means the driver module is not loaded. You can load it with 'modprobe tulip'. May pay to 'rmmod tulip' first to remove it. Post the output of these commands here if it doesn't work. Then have a look at the sticky posts at the top of the networking forum for more info and howtos. Post any output and the contents of the files specified in the howto if you have any problems, and we would be delighted to help! Good luck Chris

Bit scary using the windows box to dial up with - caught anything lately? :) The file /etc/sysconfig/net_resolv.default might be worth altering. If you still have no luck: Have a look at my howto: simple network setup your setup should look something like it - this is what you are trying to do. I think the main points are to make sure DHCP is disabled and make sure you have your ISPs DNS server at the top of /etc/resolv.conf (unless you really are running a nameserver on your windows box??) - see if that works. Your gateway should be 192.168.0.1. Post the config files mentioned at the bottom of the howto if you are still stuck. Chris

What is your physical config? 192.168.0.1 is a private address - presumeably a router/cable modem running a DNS server? If so, it may also be running a DHCP server - check that is not issuing 127.0.0.1 as the primary DNS. How are you changing the DNS address? You can change it manually by editing /etc/resolv.conf as root. Depending on where it is getting changed, you may also (as a dirty hack) be able to copy a new resolv.conf over the top of the old one in /etc/rc.d/rc.local - something like 'cp /etc/resolv.good /etc/resolv.conf' chris

Those lines should read #enable ipforwarding echo "1" > /proc/sys/net/ipv4/ip_forward && #enable masquerading iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE Stick a couple of carriage returns in there! Chris