Jump to content

wingcom

Members
  • Posts

    21
  • Joined

  • Last visited

wingcom's Achievements

New Here

New Here (1/7)

0

Reputation

  1. No Joy... Still fighting with this. I've configured my dhcp to put my ISP dns directly however I still want to know what this is :s All works accept queries from the local network. They don't seem to find their way to the internet or upper name servers. So a routing problem might be correct but I don't know how I should configure it then :s
  2. I already telnetted to it and it seemed open. Nonetheless, I ran the test: Discovered open port 53/tcp on 10.0.1.1 :s weird stuff
  3. Hey all, I've configured DHCPD, DNS, SHOREWALL and Internet Connection Sharing using the Mandriva Wizards but I'm having troubles with queries on the DNS through the LAN. My configuration is this: 1. Interface eth0 has a static IP 192.168.1.2 and connects to my ADSL router on IP 192.168.1.1 So this is the NET zone in shorewall. My wireless clients are also in this zone and receive an IP in that range from the router. eth0 Link encap:Ethernet HWaddr 00:E0:7D:A3:3D:02 inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::2e0:7dff:fea3:3d02/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:16472 errors:0 dropped:0 overruns:0 frame:0 TX packets:11445 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:17676496 (16.8 MiB) TX bytes:1270234 (1.2 MiB) Interrupt:18 Base address:0xef00 2. Interface eth1 also has static IP 10.0.1.1 and connects to the LAN. (XBOX and 2 other PC's) This is the LOC zone in shorewall. Default gateway for this is set to 192.168.1.1 I think this is done by the "Internet Connection Wizard" eth1 Link encap:Ethernet HWaddr 00:E0:7D:A3:3D:0F inet addr:10.0.1.1 Bcast:10.0.1.255 Mask:255.255.255.0 inet6 addr: fe80::2e0:7dff:fea3:3d0f/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:278 errors:0 dropped:0 overruns:0 frame:0 TX packets:96 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:24693 (24.1 KiB) TX bytes:13332 (13.0 KiB) Interrupt:19 Base address:0xe00 In shorewall I have masquerading set like this: #INTERFACE SUBNET ADDRESS PROTO PORT(S) IPSEC eth0 eth1 My routing table looks like this: Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.0.1.0 * 255.255.255.0 U 10 0 0 eth1 192.168.1.0 * 255.255.255.0 U 10 0 0 eth0 169.254.0.0 * 255.255.0.0 U 10 0 0 eth0 169.254.0.0 * 255.255.0.0 U 10 0 0 eth1 127.0.0.0 * 255.0.0.0 U 0 0 0 lo default 192.168.1.1 0.0.0.0 UG 10 0 0 eth0 I do NOT see any shorewall messages in my messages log and policy is set to this: loc net ACCEPT loc fw ACCEPT fw loc ACCEPT fw net ACCEPT loc loc ACCEPT net all DROP info all all REJECT info service named restart gives me: Jun 10 13:03:22 ENTERPRISE named[12044]: starting BIND 9.3.2 -u named -t /var/lib/named Jun 10 13:03:22 ENTERPRISE named[12044]: loading configuration from '/etc/named.conf' Jun 10 13:03:22 ENTERPRISE named[12044]: listening on IPv4 interface lo, 127.0.0.1#53 Jun 10 13:03:22 ENTERPRISE named[12044]: listening on IPv4 interface eth0, 192.168.1.2#53 Jun 10 13:03:22 ENTERPRISE named[12044]: listening on IPv4 interface eth1, 10.0.1.1#53 Jun 10 13:03:22 ENTERPRISE named[12044]: command channel listening on 127.0.0.1#953 I can do queries on the domain name server EXCEPT on interface 10.0.1.1 but I donot think its the nameserver itself but a network setup/ firewall or routing problem. dig @localhost google.com dig @192.168.1.2 google.com dig @127.0.0.1 google.com and dig @ENTERPRISE gives me: ; <<>> DiG 9.3.2 <<>> @localhost google.com ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18177 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 4, ADDITIONAL: 0 ;; QUESTION SECTION: ;google.com. IN A ;; ANSWER SECTION: google.com. 300 IN A 64.233.167.99 google.com. 300 IN A 64.233.187.99 google.com. 300 IN A 72.14.207.99 ;; AUTHORITY SECTION: google.com. 345600 IN NS ns1.google.com. google.com. 345600 IN NS ns2.google.com. google.com. 345600 IN NS ns3.google.com. google.com. 345600 IN NS ns4.google.com. ;; Query time: 464 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Sun Jun 10 13:05:22 2007 ;; MSG SIZE rcvd: 148 but dig @10.0.1.1 gives me: [root@ENTERPRISE wingcom]# dig @10.0.1.1 google.com ; <<>> DiG 9.3.2 <<>> @10.0.1.1 google.com ; (1 server found) ;; global options: printcmd ;; connection timed out; no servers could be reached All these commands are performed on the server... The reason why I think it has nothing to do with the DNS itself is that I also can't ping ip addresses from my connected clients on that interface. (nor can i ping/connect to hostnames of course) CORRECTION: I can now ping my ISP DNS Server IP from my connected client so i'm gonna post my named.conf because it DOES seem like a DNS problem after all: key mykey { algorithm hmac-md5; secret ""; }; controls { inet 127.0.0.1 port 953 allow { 127.0.0.1; } keys { mykey; }; }; options { directory "/var/lib/named/var/named"; pid-file "/var/lib/named/var/named/named.pid"; version "Wizard drake"; allow-query { any; }; allow-transfer { any; }; forwarders { 192.168.1.1; }; }; zone "localhost" { type master; file "zone/db.localhost"; }; zone "0.0.127.in-addr.arpa" { type master; file "zone/db.127.0.0.1"; }; zone "." { type hint; file "zone/root.hints"; }; zone "1.168.192.in-addr.arpa" { type master; file "zone/db.1.168.192.hosts"; forwarders { }; }; zone "STARFLEET.COM" { type master; file "zone/db.STARFLEET.COM.hosts"; forwarders { }; }; Ive had this setup before but I reinstalled a new motherboard and upgraded from 2005 to 2007 keeping only my homedir and reinstalling all the rest. So I must be overlooking something :s Can someone point me in the right direction please? I must be overlooking something but don't seem to find it :s thanx wingcom
  4. Hi, Since a few weeks my computer keeps rebooting at random. It has always been a stable system but now it just keeps on rebooting whenever it feels like it. My temperature is normal and I don't have a clue what is causing these reboots. Well I have some guesses but I want to be sure: I'm thinking that before it reboots it will receive an error/warning somewhere but so far I am unable to find something relevant. (i do have some catched buffer overruns by libsafe.so in ifplugd?) Anyone who can point me out to logs that are more likely to have information about the reboot/ or what to search for? Ive checked messages and syslog too but maybe I'm not searching for the right thing... thanx wingcom
  5. Problems were udev and wirless wizard related. check my post about hostap && udev.
  6. Back with a better solution: hostap and udev etc were so messed up that I reinstalled keeping my home dirs/settings. With the knowledge I got now I got it working. 1. When you install Mandriva 2007 with a prism2 card (mine is a senao prism 2.5) both the orinoco_cs and hostap_cs modules are loaded. No way to connect to your wireless access point with this setup. 2. udev made rules (in /etc/udev/rules.d) based on the orinoco_cs driver. So it creates a line in /etc/udev/rules.d/61-net_config.rules stating the card with that MAC address should be named "ethx". This is orinoco naming. 3. The card won't connect like this + I want only hostap_cs so that i'm sure it loads that one. 4. You blacklist the orinoco_cs, orinoco_plx, orinoco_pci and orinoco modules in /etc/modprobe.d/blacklist (create if it does not exist) 5. pccardctl eject 6. modprobe -r orinoco_cs 7. Remove or comment out the line earlier mentioned in /etc/udev/rules.d/61-net_config.rules 8. Now with only hostap_cs loaded, reinsert the card (pccardctl insert) 9. udev will now make the rules for hostap_cs correctly and add it to /etc/udev/rules.d/61-net_config.rules Both well known device names wlan0 and wifi0 are there and you can start using them. Another thing that makes it not work sometimes is the wizard (currently trying to figure out what they do and where they place their info but they tend to mess up stuff) For instance: when I moved it all to hostap and my devices reported back as wlan0 and wifi0 (through iwconfig/ifconfig) I opened up "Reconfigure Network Interface" from the mcc, in the list of interfaces i found ehternet: eth3! This was the orinoco naming and was still there, had to delete it, create it again (now with wlan0/INTERSIL). Without these corrected wizard settings there was no connect/associate possible on the card! Fixed it and connection succeeded.
  7. You shouldn't bump into a login screen DURING install, only afterwards You say: 1CD ? You didn't download the livecd now did you? Couldn't say if this is normal behaviour for the livecd cus i didn't test that one but everything you say sure sounds/looks and smells like it :) you should have 4CD's or a DVD... otherwise, i am as lost as you ^^
  8. <?php $dir = '/tmp'; $files1 = scandir($dir); ?> then just loop through the array and print them. for ($i = 0; $i <= count($files1); $i++) { //print your files here with html markup so you can link echo "<a href=\"".$dir."\/".$files1[$i]."\">".$dir."\/".$files1[$i]."</a>"; } top of my head, you might want to check the escaping chars and so on in the echo function cus i dont have a good editor in this little box that corrects me ;) You also have to put the other html tags on there :)
  9. Well you are right and I AM being awefully paranoid but I like to think thats why I'm still pretty sure no one is watching my traffic, viewing my home through a webcam, intercepting my bank account details, get into my coorporate network through me or watching me play tux racer for all I care they should not see how bad I am at that game :) About that coorporate network: let's say you work for IBM. Your mail adress is somehow linked to your real name which is found on the website of IBM. They cant get in the normal way so they start to search for employees who work there. What do they see? A network diagram that states: Coorporate Laptop hooked to router1 of type blahblah with ip blahblah. You have just become an interesting target cus they now know for sure that you hook your work-computer into your own network which has far less security. Paranoia again I know... But is it impossible? Decide for yourself if this situation is applicable to you. But I agree that for most home networks a diagram is not very usefull and the information can be obtained by other means. btw: correct me if I am wrong but the php-signature would only show the ip address to whoever displays it in his browser doesn't it? So as far as I know this wouldn't give ME the ip address of the user that views my signature?
  10. Ok, its working with the ndiswrapper driver now. I just had to unload the current driver (from RPM) and load the custom-built one (for custom kernel) :blush: Now it loads fine and can connect to the network. Its transmitting and receiving packets like it should, picks the correct route and pings the router. How unfortunate that these things tend to get broken all at the same time :s Well, at least one of them is fixed... But I hate things on my computer that don't work so I should get this to work with the Senao Prism2 Card as well! I hope it has nothing to do with the udev renaming stuff. What I've also noticed is: if I set the configuration manually through iwconfig and I point it to an non-protected wireless network in the neighbourhood with essid "Default" and afterwards I kill this connection/interface then I do ifup wlan0, it doesn't change the info to the info found at /etc/sysconfig/network-scripts/ifcfg-wlan0 Is this normal behaviour? If i use ifup shouldn it adjust to the settings in this network-scipt? It just stays on "Default"
  11. I remember I had those iptables rules when I used a modem . It was ppp0 and eth0 but the solution is the same i guess...; in shorewall.conf: # # ENABLE IP FORWARDING # # If you say "On" or "on" here, IPV4 Packet Forwarding is enabled. If you # say "Off" or "off", packet forwarding will be disabled. You would only want # to disable packet forwarding if you are installing Shorewall on a # standalone system or if you want all traffic through the Shorewall system # to be handled by proxies. # # If you set this variable to "Keep" or "keep", Shorewall will neither # enable nor disable packet forwarding. # IP_FORWARDING=On in /etc/shorewall/masq: Example 1: # # You have a simple masquerading setup where eth0 connects to # a DSL or cable modem and eth1 connects to your local network # with subnet 192.168.0.0/24. # # Your entry in the file can be either: # # eth0 eth1 # # or # # eth0 192.168.0.0/24 so: #INTERFACE SUBNET ADDRESS PROTO PORT(S) eth0 eth1 #LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE in /etc/shorewall/interfaces ############################################################################## #ZONE INTERFACE BROADCAST OPTIONS net eth0 detect loc eth1 detect #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE Just set it up using the wizard and afterwards change these things. then do a "shorewall restart" as root I think it should work like this unless I forgot something.
  12. Sorry i posted this in the wrong section. Looked over this one i guess :s Anyways, its not a routing problem... I just can't connect when I got WEP encryption enabled :s I tried many different ways for configuring it, from Mandriva wizards to commandline. ifdown wlan0 iwconfig wlan0 essid "My network" iwconfig wlan0 mode managed iwconfig wlan0 enc on iwconfig wlan0 key open s:mykey ifup wlan0 Am I missing something? - I am sure about the key - The configuration is tested and works on a windows client - I can do monitor mode and find my AP. It reports a good signal strength iwlist wlan0 scan gives me a list... sometimes but not all the time :s I got alot of packets that I receive but are encrypted - RX Invalid Crypts - so thats where I saw my encryption isn't working. But I have no clue what this could be. I used to connect to the access point on Mandriva 2005 through a DWL-G122 USB Dongle. It normally has WPA encryption enabled but i changed it to WEP for testing purposes. I don't know whats going on here. I tried the hostap_cs AND the orinoco_cs drivers. None work... I also got an onboard Asus Wifi-g chip which i tried using ndiswrapper (which looks ok but I think I saw some dumps in the logs when loading it, eventhough it does not report something bad elsewhere) no success here either. Maybe its my pci-to-pcmcia bridge? Is this known to cause troubles? I read something about interrupt handling but that was only for older kernels?
  13. Ok, in your case ianw1974 its probably safe to share it since your router wont even let you in :D But its a good headsup to ppl not to put toooo much detail in it because some members included router-names and types, firewall types, etc etc. It all makes life for the attacker much easier and from the diagram it might also be possible to determine "easy" targets. I don't say this counts for everyone but just think it through before you post. On the other hand: its a forum about hardware and software that ppl are running so there is always good info here if the bad guys really want you :P my ip-ranges can be found here too and sometimes there is no escaping this if you want to be helped ... but a map is giving away all info on a centralized location.
  14. I agree... I went through alot of trouble setting things up as secure as possible so sharing it here doesn't seem like a good idea. Allthough my homelan is pretty secure, I prefer it remains a black box for the bad guys. And internal ip or not: What if they find (or already know for that matter) an exploit in this forum and retrieve your ip-adresses then that internal ip address or network architecture is not what you want to give away now is it?
  15. Hello, I have multiple interfaces to connect to the internet. I've got wired and non-wired access. Wired works fine and I am now trying to connect to a Open WEP protected wireless network. To do this I have the choice between 2 interface cards: one with a native driver (hostap_cs) which is 802.11b and an ndiswrapper wrapped one (Asus onboard which is 802.11g) Now everything looks fine (input here is from the configuration with the hostap_cs down and ndiswrapper up: [root@VOYAGER wingcom]# ndiswrapper -l Installed drivers: mrv8knt driver installed, hardware present [root@VOYAGER wingcom]# ifconfig eth0 Link encap:Ethernet HWaddr 00:11:D8:B2:25:3F UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) Interrupt:177 eth1 Link encap:Ethernet HWaddr 00:11:D8:B2:2D:0F inet addr:10.0.1.227 Bcast:10.0.1.255 Mask:255.255.255.0 inet6 addr: fe80::211:d8ff:feb2:2d0f/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:577463 errors:0 dropped:0 overruns:0 frame:517 TX packets:461840 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:627796271 (598.7 MiB) TX bytes:124948958 (119.1 MiB) Interrupt:169 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:1553751 errors:0 dropped:0 overruns:0 frame:0 TX packets:1553751 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:2221609601 (2.0 GiB) TX bytes:2221609601 (2.0 GiB) vmnet1 Link encap:Ethernet HWaddr 00:50:56:C0:00:01 inet addr:192.168.94.1 Bcast:192.168.94.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:fec0:1/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:1134 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) vmnet8 Link encap:Ethernet HWaddr 00:50:56:C0:00:08 inet addr:192.168.210.1 Bcast:192.168.210.255 Mask:255.255.255.0 inet6 addr: fe80::250:56ff:fec0:8/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:1134 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) wlan2 Link encap:Ethernet HWaddr 00:11:D8:B2:34:DF inet addr:192.168.0.127 Bcast:192.168.0.255 Mask:255.255.255.0 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) Interrupt:74 Memory:cdd90000-cdda0000 The access point is on static ip mode (DWL-2000ap+). This configuration is tested with windows 2K and works! But the above "should work too"... however: i think my routes are messed up: [root@VOYAGER wingcom]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.210.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet8 10.0.1.0 0.0.0.0 255.255.255.0 U 5 0 0 eth1 192.168.0.0 0.0.0.0 255.255.255.0 U 35 0 0 wlan2 192.168.94.0 0.0.0.0 255.255.255.0 U 0 0 0 vmnet1 169.254.0.0 0.0.0.0 255.255.0.0 U 5 0 0 eth1 169.254.0.0 0.0.0.0 255.255.0.0 U 35 0 0 wlan2 0.0.0.0 10.0.1.1 0.0.0.0 UG 5 0 0 eth1 So according to this table the network 192.168.0.0-254 should pick wlan2 but it doesn't. Prove to this: [root@VOYAGER wingcom]# traceroute 192.168.0.50 traceroute: Warning: Multiple interfaces found; using 127.0.0.1 @ lo traceroute to 192.168.0.50 (192.168.0.50), 30 hops max, 46 byte packets 1 VOYAGER (127.0.0.1) 3002.313 ms !H 3004.797 ms !H 3005.140 ms !H Anybody any idea what could be wrong? If this were windows I would reboot but i'v learned that that is just a waste of time in linux. If it doesn't work like this, it won't work on reboot too :) which is a good thing actually :)) any suggestions are welcome thanx, wingcom [moved from Software by spinynorman]
×
×
  • Create New...