[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Blockage on Internet maps - is a firewall intervening? Was: Re: PART DIAGNOSED: Re: Trying to install Google Earth on Lenny. How on earth??????

On Sunday 30 May 2010 05:27:40 godo wrote:
> Hi,

Hi, Goran, and many thanks for your reply.

> > But Firehol is complaining when I boot up that some
> > config file or other that it uses is not yet configured.  I don't have
> > time to read the message properly as it flashes past, but it is marked as
> > an error during the booting process.
>
> Can you maybe find that message in /var/log/syslog
> or somewhere in /var/log/ or dmesg?

The only part that seemed in any way related was:
[    0.290385] IP route cache hash table entries: 4096 (order: 2, 16384 bytes)
[    0.290652] TCP established hash table entries: 16384 (order: 5, 131072 
bytes)
[    0.290860] TCP bind hash table entries: 16384 (order: 5, 131072 bytes)
[    0.291064] TCP: Hash tables configured (established 16384 bind 16384)
[    0.291068] TCP reno registered
[    0.291201] NET: Registered protocol family 1
[    0.291350] checking if image is initramfs... it is

> > So it looks as tho' at least Firehol is trying to do something.  Could
> > this therefore be the problem?  As I say, my ignorance on the topic of
> > firewalls is distressingly abysmal.  :-(  I am at a loss to know where to
> > start or what to look at, or even what question to ask Google.
>
> I really don't anything about firewalls but if I correct understud what
> I was read on the net  Firehol corresponding with iptables.
>
> 'iptables -L'  will list all rules so maybe somebody from the list will
> notice something.

Tux:/home/lisi# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Tux:/home/lisi#

> On this site http://pwet.fr/man/linux/administration_systeme/firehol is
> written:
> 'firehol stop' "Stops a running iptables firewall by running
> CW/etc/init.d/iptables stop. This will allow all traffic to pass
> unchecked."
>
> So you can stop him and check is it problem in him or somewhere else.

Tux:/home/lisi# firehol stop


WARNING
File '/etc/firehol/RESERVED_IPS' is more than 90 days old.
You should update it to ensure proper operation of your firewall.

Run the supplied get-iana script to generate this file.

FireHOL: Clearing Firewall: OK

I ran iptables -L again after firehol stop, and got:

Tux:/var/log# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
Tux:/var/log# 

I have also uninstalled shorewall and fwbuilder.  I have since restarted.  The 
situation is better now, tho' still problematic.  (I restarted because my 
system locked up. :-(  Probably due ot memory problems.  I have been 
dithering over getting myself some more memory for a couple of months.  This 
sttled it, and I took the plunge.

Shall now try to make myself drop this until the memory arrives.

Lisi
Reply to: