network firewalling situation
Hi all,
I'm setting up a machine here to take over the job of our firewall
temporarily. Both machines have the same network cards in the same
configuration. The current firewall is a debian 2.0 machine running
kernel 2.0.29 on an i486. The temp machine is an i386, debian 2.1, kernel
2.2.10. I'm using the same setup scripts in the same order to make the
computer route packets between two networks, but it just isn't working on
the i386. Can anybody tell me what I'm doing wrong?
Thanks in advance,
Dan DeMond
--Network script for current firewall--
#! /bin/sh
ifconfig lo 127.0.0.1
route add -net 127.0.0.0
#portsentry and big brother stuff
portsentry -tcp
/usr/src/bb/runbb.sh
ifconfig eth0 207.106.55.188 netmask 255.255.255.192 broadcast 207.106.55.191
ifconfig eth0:0 207.106.55.187 netmask 255.255.255.192 broadcast 207.106.55.191
ifconfig eth1 207.106.55.126 netmask 255.255.255.192 broadcast 207.106.55.127
# Kernel IP routing table
# Destination Gateway Genmask Iface
/sbin/route add -net 127.0.0.0 netmask 255.0.0.0 lo
/sbin/route add 207.106.55.187 eth0:0
/sbin/route add -net 207.106.55.128 netmask 255.255.255.192 eth0
/sbin/route add -net 207.106.55.64 netmask 255.255.255.192 eth1
/sbin/route add -net 207.106.55.8 gw 207.106.55.123 netmask 255.255.255.248 eth1
/sbin/route add -net 207.106.55.16 gw 207.106.55.123 netmask 255.255.255.240 eth1
/sbin/route add -net 0.0.0.0 gw 207.106.55.190 netmask 0.0.0.0 eth0
# Firewall Filters
ipfwadm -F -p deny
ipfwadm -F -a accept -S 0.0.0.0/0 -D 0.0.0.0/0
#IPADDR=207.106.55.237
#NETMASK=255.255.255.248
#NETWORK=207.106.55.232
#BROADCAST=207.106.55.239
#GATEWAY=207.106.55.238
#ifconfig eth0 ${IPADDR} netmask ${NETMASK} broadcast ${BROADCAST}
#route add -net ${NETWORK}
#route add default gw ${GATEWAY} metric 1
--End--
--ipx script for current firewall--
#!/bin/sh
#
# ipx Bring up/down IPX networking
#
test -f /usr/sbin/ipx_configure || exit 0
# Source function library.
. /etc/init.d/functions
. /etc/ipx.conf
case "$1" in
start)
if [ ${IPX_CONFIGURED} = "yes" ]; then
if [ ${IPX_INTERNAL_NET} = "yes" ]; then
ipx_internal_net add ${IPX_NETNUM}
else
ipx_interface add -p ${IPX_DEVICE} \
${IPX_FRAME} ${IPX_NETNUM}
fi
if [ ${IPX_SERVER_ROUTE} = "yes" ]; then
ipx_route add ${IPX_SERVER_NETNUM} \
${IPX_NETNUM} \
${IPX_SERVER_NODENUM}
fi
fi
ipx_configure \
--auto_primary=${IPX_AUTO_PRIMARY} \
--auto_interface=${IPX_AUTO_INTERFACE}
# touch /var/lock/subsys/ipx
;;
stop)
ipx_configure --auto_primary=off --auto_interface=off
ipx_interface delall
# rm -f /var/lock/subsys/ipx
;;
*)
echo "Usage: network {start|stop}"
exit 1
esac
exit 0
--End--
--ipxripd script for current firewall--
#! /bin/sh
#
# This file was automatically customized by debmake on Jan 9, 1997.
#
# Written by Miquel van Smoorenburg <miquels@drinkel.ow.org>.
# Modified for Debian GNU/Linux by Ian Murdock <imurdock@gnu.ai.mit.edu>.
# Modified for Debian by Christoph Lameter <clameter@debian.org>
PATH=/bin:/usr/bin:/sbin:/usr/sbin
DAEMON=/usr/sbin/ipxd
# The following value is extracted by debstd to figure out how to generate
# the postinst script. Edit the field to change the way the script is
# registered through update-rc.d (see the manpage for update-rc.d!)
FLAGS="defaults 40"
test -f $DAEMON || exit 0
case "$1" in
start)
echo -n "Starting IPX RIP/SAP daemon: ipxd"
start-stop-daemon --start --exec $DAEMON
echo "."
;;
stop)
echo -n "Stopping IPX RIP/SAP daemon: ipxd"
start-stop-daemon --stop --exec $DAEMON
echo "."
;;
*)
echo "Usage: /etc/init.d/$0 {start|stop}"
exit 1
;;
esac
exit 0
--End--
--ipxconfigure.rcS script for current firewall--
#!/bin/sh
# This script configures the Ethernet cards to route IPX
# packets when hedge boots up.
/usr/sbin/ipx_interface delall
/usr/sbin/ipx_interface add -p eth1 etherii 0000011D
/usr/sbin/ipx_interface add eth0 etherii 00000DDD
/usr/sbin/ipxd
--End--
Reply to: