
Configuring three nics on a gateway/web server



Hi,
after a two-day-long headache I've realized that I probably need some help.

I've successfully installed and configured Apache on an already working gateway box.

I know this may seem a little unusual (web and gateway server on the same box),
but unfortunately at the moment I just have this hardware at my disposal.

However, I have inserted a third nic (eth2) on which the httpd daemon should listen.
And here comes the hard bit:
        with eth0 and eth1 off and eth2 on, Apache does respond.
        with eth0, eth1 and eth2 on, Apache doesn't respond and I get in /var/log/messages

        martian source 101.102.103.115 from 101.102.103.117, on dev eth2
        iptables-drop-src-norule: IN=eth0 SRC=101.102.103.117 DST=101.102.103.115 PROTO=TCP SPT=32777 DPT=80 SYN
        iptables-drop-src-norule: IN=eth0 SRC=101.102.103.117 DST=101.102.103.115 PROTO=TCP SPT=32777 DPT=80 SYN
        iptables-drop-src-norule: IN=eth0 SRC=101.102.103.117 DST=101.102.103.115 PROTO=TCP SPT=32777 DPT=80 SYN

The 101.102.103.117 IP is a 2nd machine from which I launch the http request.
But why does the router send http packets to the eth0 interface,
or which interface receives packets from the router? I can't figure it out.

Some information on the box:
        kernel: 2.4.22
        grsecurity: 1.9.12-2.4.22
        patch-o-matic: 20030912
        iptables: 1.2.8
        httpd: 2.0.47

Some information on the net:
        eth0: gateway
        eth1: local net
        eth2: httpd

        network: 101.102.103.112
        broadcast: 101.102.103.119

        router: 101.102.103.113
        eth0: 101.102.103.114   netmask 255.255.255.248
        eth1: 192.168.0.1       netmask 255.255.255.0
        eth2: 101.102.103.115   netmask 255.255.255.255  <-- is this netmask correct ???

This is the routing table with eth0 and eth1 active and eth2 off:
        101.102.103.112 0.0.0.0         255.255.255.248 U     0      0        0 eth0
        192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
        127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
        0.0.0.0         101.102.103.114 0.0.0.0         UG    0      0        0 eth0

This is the routing table with all interfaces on:
        101.102.103.112 0.0.0.0         255.255.255.255 U     0      0        0 eth2  <-- probably conflict ???
        101.102.103.112 0.0.0.0         255.255.255.248 U     0      0        0 eth0
        192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
        127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
        0.0.0.0         101.102.103.114 0.0.0.0         UG    0      0        0 eth0

Moreover, after adding eth2, I get in /var/log/messages:
        martian source 101.102.103.115 from 101.102.103.115, on dev eth0

The firewall seems ok to me.
This is everything about eth2 as shown by iptables-save:
        -A interface2_in -s 101.102.103.115 -j DROP 
        -A interface2_in -d 101.102.103.115 -p tcp -m state --state NEW,ESTABLISHED -m tcp --sport 1024:65535 --dport 80 -j ACCEPT 
        -A interface2_in -d 101.102.103.115 -p tcp -m state --state NEW,ESTABLISHED -m tcp --sport 1024:65535 --dport 443 -j ACCEPT 
        -A interface2_out -s 101.102.103.115 -p tcp -m state --state ESTABLISHED -m tcp --sport 80 --dport 1024:65535 -j ACCEPT 
        -A interface2_out -s 101.102.103.115 -p tcp -m state --state ESTABLISHED -m tcp --sport 443 --dport 1024:65535 -j ACCEPT 
        -A network1_in -s 101.102.103.115 -j DROP 

Any help will be very much appreciated
Lucio
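As an added diagnostic (example code, not part of Lucio's post and not from any project on this list), the script below takes the interface addresses, the routing table and the log lines quoted above, embedded here as constructed input in the same `route -n` / syslog layout, and reports three things a practitioner checks first on a multi-homed box: connected routes on different interfaces whose prefixes overlap, interface addresses that fall inside another interface's subnet, and, for each logged packet, the interface it arrived on versus the interface that holds the destination address and the interface a longest-prefix lookup on the source address would choose (the same comparison the kernel's reverse-path filter makes before logging a "martian source"). Function names and the reverse-path logic are assumptions for illustration, not kernel code.

```python
import ipaddress
import re

# Constructed input, copied from the routing table, addresses and log lines quoted in the post.
ROUTES = """\
101.102.103.112 0.0.0.0         255.255.255.255 U     0      0        0 eth2
101.102.103.112 0.0.0.0         255.255.255.248 U     0      0        0 eth0
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         101.102.103.114 0.0.0.0         UG    0      0        0 eth0
"""

INTERFACES = {  # interface -> address/netmask as configured on the box
    "eth0": "101.102.103.114/255.255.255.248",
    "eth1": "192.168.0.1/255.255.255.0",
    "eth2": "101.102.103.115/255.255.255.255",
}

LOG_LINES = """\
martian source 101.102.103.115 from 101.102.103.117, on dev eth2
iptables-drop-src-norule: IN=eth0 SRC=101.102.103.117 DST=101.102.103.115 PROTO=TCP SPT=32777 DPT=80 SYN
martian source 101.102.103.115 from 101.102.103.115, on dev eth0
"""

# Both log formats carry the same three facts: source, destination and arrival interface.
IPT_RE = re.compile(r"IN=(?P<dev>\S*) SRC=(?P<src>\S+) DST=(?P<dst>\S+)")
MARTIAN_RE = re.compile(r"martian source (?P<dst>\S+) from (?P<src>\S+), on dev (?P<dev>\S+)")


def parse_routes(text):
    """Parse `route -n` style lines into network / gateway / flags / interface records."""
    routes = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 8:
            continue
        dest, gw, mask, flags, _metric, _ref, _use, iface = parts[:8]
        net = ipaddress.ip_network(f"{dest}/{mask}", strict=False)
        routes.append({"net": net, "gw": gw, "flags": flags, "iface": iface})
    return routes


def overlapping_routes(routes):
    """Pairs of non-default routes on different interfaces whose prefixes overlap."""
    pairs = []
    for i, a in enumerate(routes):
        for b in routes[i + 1:]:
            if a["iface"] == b["iface"]:
                continue
            if a["net"].prefixlen == 0 or b["net"].prefixlen == 0:
                continue  # the default route overlaps everything by design
            if a["net"].overlaps(b["net"]):
                pairs.append((a["iface"], str(a["net"]), b["iface"], str(b["net"])))
    return pairs


def address_in_foreign_subnet(interfaces):
    """Interfaces whose own address lies inside another interface's connected subnet."""
    ifaces = {name: ipaddress.ip_interface(spec) for name, spec in interfaces.items()}
    hits = []
    for name, itf in ifaces.items():
        for other, oitf in ifaces.items():
            if other != name and itf.ip in oitf.network:
                hits.append((name, str(itf.ip), other, str(oitf.network)))
    return hits


def best_route(routes, addr):
    """Longest-prefix match: the interface a reverse-path lookup on `addr` would pick."""
    ip = ipaddress.ip_address(addr)
    matches = [r for r in routes if ip in r["net"]]
    if not matches:
        return None
    return max(matches, key=lambda r: r["net"].prefixlen)["iface"]


def check_logs(log_text, routes, interfaces):
    """For each logged packet: arrival interface vs. owner of DST vs. reverse path for SRC."""
    local = {str(ipaddress.ip_interface(s).ip): n for n, s in interfaces.items()}
    findings = []
    for line in log_text.splitlines():
        m = IPT_RE.search(line) or MARTIAN_RE.search(line)
        if not m:
            continue
        src, dst, arrived = m.group("src"), m.group("dst"), m.group("dev")
        findings.append({
            "src": src,
            "dst": dst,
            "arrived_on": arrived,
            "dst_owner": local.get(dst),              # local interface holding DST, if any
            "reverse_path": best_route(routes, src),  # interface a reply to SRC would leave by
            "src_is_local": src in local,             # packet claims one of our own addresses
        })
    return findings


if __name__ == "__main__":
    routes = parse_routes(ROUTES)
    for pair in overlapping_routes(routes):
        print("overlapping routes: %s %s <-> %s %s" % pair)
    for hit in address_in_foreign_subnet(INTERFACES):
        print("address %s on %s lies in %s's subnet %s" % (hit[1], hit[0], hit[2], hit[3]))
    for f in check_logs(LOG_LINES, routes, INTERFACES):
        print("%(src)s -> %(dst)s arrived on %(arrived_on)s; DST owned by %(dst_owner)s; "
              "reverse path for SRC is %(reverse_path)s; SRC local: %(src_is_local)s" % f)
```

Run as-is it prints a one-line finding per check. A packet whose `arrived_on` differs from `reverse_path` is exactly the condition that makes a kernel with rp_filter enabled log "martian source" and drop the packet, and a packet whose `dst_owner` differs from `arrived_on` shows the destination address being reached through a different interface than the one it is configured on; both are worth confirming against the live `route -n` and `ifconfig` output before touching the firewall rules.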