[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Problem with dlink DSL-Router

Hi Markus,
The packets go trought eth0 interface, You show it in the other email.

>route
>Kernel IP Routentabelle
>Ziel            Router          Genmask         Flags Metric Ref    Use Iface
>192.168.1.254   *               255.255.255.255 UH    0      0        0 eth0
>192.168.2.0     *               255.255.255.0   U     0      0        0 vmnet8
>localnet        *               255.255.255.0   U     0      0        0 eth0
>localnet        *               255.255.255.0   U     0      0        0 irda0
>default         192.168.1.254   0.0.0.0         UG    0      0        0 eth0

( If I understand you, you are not using pppoe, you are trying to route the
packets, is it ok? ).

You should have a rule in the output chain that ACCEPT packets to the
destination ( 0.0.0.0 or what you want ) for the interface eth0.
In your output chain you only accept packets with output interface eth0 to
255.255.255.255 ( broadcast ), to 224.0.0.0 ( multicast ) and to 192.168.1.0/24
( this is why you can ping and manage your dlink ).
That I can't understand is why you have a 0 in the drop packets count, do you
reset the counters before list the output?
Regards,
Matias Lambert

Markus Lechner wrote:

> > I think that your problem is that you have some filter in your output chain
> > of you firewall configuration.
> > If you use iptable, you can view the filter with the command "iptables -L
> > OUTPUT -n -v"
>
> This is the output - seems to be completely open:
>
> iptables -L OUTPUT -n -v
> Chain OUTPUT (policy DROP 0 packets, 0 bytes)
>  pkts bytes target     prot opt in     out     source
> destination
>  553K  125M ACCEPT     all  --  *      lo      0.0.0.0/0            0.0.0.0/0
>
>     0     0 ACCEPT     all  --  *      eth0    0.0.0.0/0
> 255.255.255.255
>     0     0 ACCEPT     all  --  *      irda0   0.0.0.0/0
> 255.255.255.255
>     0     0 ACCEPT     all  --  *      vmnet8  0.0.0.0/0
> 255.255.255.255
>  4757  575K ACCEPT     all  --  *      eth0    0.0.0.0/0
> 192.168.1.0/24
>     0     0 ACCEPT     all  --  *      irda0   0.0.0.0/0
> 192.168.1.0/24
>  2655  340K ACCEPT     all  --  *      vmnet8  0.0.0.0/0
> 192.168.2.0/24
>     0     0 ACCEPT    !tcp  --  *      eth0    0.0.0.0/0
> 224.0.0.0/4
>
>     0     0 ACCEPT    !tcp  --  *      irda0   0.0.0.0/0
> 224.0.0.0/4
>
>     0     0 ACCEPT    !tcp  --  *      vmnet8  0.0.0.0/0
> 224.0.0.0/4
>
>     0     0 LOG        all  --  *      ppp0    0.0.0.0/0
> 192.168.1.0/24     LOG flags 0 level 4
>     0     0 DROP       all  --  *      ppp0    0.0.0.0/0
> 192.168.1.0/24
>     0     0 LOG        all  --  *      ppp0    0.0.0.0/0
> 192.168.1.0/24     LOG flags 0 level 4
>     0     0 DROP       all  --  *      ppp0    0.0.0.0/0
> 192.168.1.0/24
>     0     0 LOG        all  --  *      ppp0    0.0.0.0/0
> 192.168.2.0/24     LOG flags 0 level 4
>     0     0 DROP       all  --  *      ppp0    0.0.0.0/0
> 192.168.2.0/24
>     0     0 ACCEPT     all  --  *      ppp0    0.0.0.0/0
> 255.255.255.255
> 1239K 1108M ACCEPT     all  --  *      ppp0    212.144.221.8        0.0.0.0/0
>
>     0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0
>        LOG flags 0 level 4
>     0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0
>
> --
> To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: