Re: Help I am getting frustrated
Tzafrir Cohen wrote:
> On Sat, 22 Sep 2001, Robert Schweikert wrote:
>
> > I would like to switch to Debian, and once this is accomplished I'd like
> > to helpwith the project. However, switching has been much more
> > difficult than I anticipated. Anyway, right now I am trying to figure
> > out why I cannot get any packages from the internet. It appears that
> > there is a firewall running somewhere. I did not intentionally set that
> > up and I cannot figure out how to turn it off. Here are the messages
> > that are being logged.
> >
> > Sep 20 17:10:41 journey kernel: Packet log: input DENY ppp0PROTO=2
> > 209.247.23.242:65535 224.0.0.1:65535 L=28 S=0x00 I=31895 F=0x0000 T=1
> > (#6)
>
> Some broadcast. Is 209.247.23.242 one of your interfaces or a computer
> near you?
Don't know, could be the IP from my ISP.
>
>
> > Sep 20 17:48:23 journey kernel: Packet log: input DENY eth0 PROTO=17
> > 192.168.1.2:138 192.168.255.255:138 L=205 S=0x00 I=50609 F=0x0000 T=128
> > (#6)
>
> Part of the SMB traffic on your local network.
Any idea how I get rid of this? After I flushed ipchains this appeared to go
away.
>
>
> >
> > As can be seen, Idid succeed in getting ppp to dial in and connect to
> > my ISP, but that's the end of it. It appears as if everything coming
> > into the machine gets rejected. WHy? and how do I turn this off.
>
> Is that all the traffic that gets rejected?
Well I think I am a step closer in diagnosing the problem but I still need
some help. When I connect to my ISP the ISP's IP address is printed to the
log file. I can ping that IP address and all works fine. However, when I try
to ping my ISP's nameserver IP it fails. I think I might have a name
resolution issue.
Using the same IP address (for my ISP's name server) on my RedHat system ping
works just fine. I copied the resolv.conf from my RedHat system to the Debian
drive but that didn't work either. I have copied /etc/hosts, /etc/hosts.deny,
/etc/hosts.allow, and /etc/resolv.conf from my RedHat system to the Debian
drive, but still cannot get the networking (ppp to my ISP) to work. Any idea
what I am missing here?
>
>
> Even when you try 'apt-get update' ?
Get some weird error message when I try that. The error is probably related
to the name resolution issue.
>
>
> what is your /etc/apt/sources.list ?
cat /etc/apt/sources.list
# See sources.list(5) for more information, especialy
# Remember that you can only use http, ftp or file URIs
# CDROMs are managed through the apt-cdrom tool.
#deb http://http.us.debian.org/debian stable main contrib non-free
#deb http://non-us.debian.org/debian-non-US stable/non-US main contrib
non-free
#deb http://security.debian.org stable/updates main contrib non-free
# Get the test packages
deb http://http.us.debian.org/debian testing main contrib non-free
# Uncomment if you want the apt-get source function to work
#deb-src http://http.us.debian.org/debian stable main contrib non-free
#deb-src http://non-us.debian.org/debian-non-US stable non-US
#deb cdrom:[Debian GNU/Linux 2.2 r3 _Potato_ - Official i386 Binary-2
(20010427)]/ unstable contrib main non-US/contrib non-US/main
#deb cdrom:[Debian GNU/Linux 2.2 r3 _Potato_ - Official i386 Binary-1
(20010427)]/ unstable contrib main non-US/contrib non-US/main
>
>
> Yo get a list of local ipchains ruls run 'ipchains -L -n' ('-n' is so you
> won't waste a couple of minutes resolving names of IPs).
The out put looked as follows
Chain input (policy DENY):
target prot opt source destination ports
ACCEPT all ------ 0.0.0.0/0 0.0.0.0/0 n/a
DENY all ----l- 127.0.0.0/8 0.0.0.0/0 n/a
ACCEPT all ------ 0.0.0.0/0 255.255.255.255 n/a
ACCEPT all ------ 0.0.0.0/0 192.168.1.1 n/a
ACCEPT all ------ 0.0.0.0/0 192.168.1.255 n/a
DENY all ----l- 0.0.0.0/0 0.0.0.0/0 n/a
Chain forward (policy DENY):
target prot opt source destination ports
DENY all ----l- 0.0.0.0/0 0.0.0.0/0 n/a
MASQ all ------ 192.168.1.0/24 0.0.0.0/0 n/a
Chain output (policy DENY):
target prot opt source destination ports
ACCEPT all ------ 0.0.0.0/0 0.0.0.0/0 n/a
ACCEPT all ------ 192.168.1.1 0.0.0.0/0 n/a
ACCEPT all ------ 192.168.1.255 0.0.0.0/0 n/a
DENY all ----l- 0.0.0.0/0 0.0.0.0/0 n/a
Your help is appreciated.
Thanks,
Robert
>
>
> --
> Tzafrir Cohen
> mailto:tzafrir@technion.ac.il
> http://www.technion.ac.il/~tzafrir
--
Robert Schweikert MAY THE SOURCE BE WITH YOU
rjschwei@mindspring.com LINUX
Reply to: