Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19

Warning: Function ereg() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 4

Warning: Function split() is deprecated in ..../includes/class_postbit.php(345) : eval()'d code on line 19
no incomming connections on mandriva
Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: no incomming connections on mandriva

  1. #1

    no incomming connections on mandriva

    i just installed mandriva (finaly got rid of my ancient mandrake install) but i can't seem to get any incomming connections. not even pings.

    however i van ping/ftp/ssh from mandriva to other systems. it even managed to get an ip from the dhcp.

    now i already figured... shorewall (firewall standard for mandriva)

    so i started editing that...

    in the policy file it used to be this:
    Code:
    fw    all   ACCEPT
    net   all   DROP    info
    all   all   DROP   info
    seemed to explain it all... 2nd line..

    so i changed it to:
    Code:
    fw    all   ACCEPT
    net   all   ACCEPT   info
    all   all   DROP   info
    restarted shorewall, didn't work(still no incomming connects.. got desperate and restarted the system still the same.

    i tried shorewall clear
    shorewall stop

    but it all didn't matter... still doesn't work

    system:
    p2 350
    192MB ram
    3com 10/100 lan
    6.5 gb disk
    mandriva 2006 (installed from mini image since i only needed the basics. installed with security settings 'higher')

  2. #2
    Moderator
    Good Guru
    Schotty's Avatar
    Join Date
    Jul 2001
    Location
    Milwaukee, WI
    Posts
    5,760
    Being a bit unfamilial with Shorewall, I am going to assume that its a supplement or replacement to iptables. If I am correct, I would stop or clear the rules out, then retest it. I am betting that there is a block rule of some sort that is preventing the connections in iptables itself that is not being cleared via shorewall.

    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.


  3. #3
    Moderator
    Good Guru
    Compunuts's Avatar
    Join Date
    May 2001
    Location
    California
    Posts
    3,935
    I don't run Mandriva so I can't really tell you what exactly is going on. BUT ......

    Being the user of shorewall myself, I might point you to the right direction.

    Shorewall's policy file is used for universal config. The "rules" file is what comes before policy file. Even if your stop your firewall, you need to flush all the iptables rules to accept the connections.

    Example rules are here for your reference. This box is my gateway.

    File "~/shorewall/policy"
    Code:
    #SOURCE         DEST            POLICY          LOG LEVEL       LIMIT:BURST
    loc             net             ACCEPT
    # If you want open access to the Internet from your Firewall
    # remove the comment from the following line.
    #fw             net             ACCEPT
    net             all             DROP            info
    # THE FOLLOWING POLICY MUST BE LAST
    all             all             REJECT          info
    #LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE
    File "~/shorewall/rules"
    Code:
    ACTION         SOURCE          DEST            PROTO   DEST    SOURCE  ORIGINAL#                                                       PORT    PORT(S) DEST
    #
    #       Accept DNS connections from the firewall to the network
    #
    #ACCEPT          fw              net             tcp     53
    #ACCEPT          fw              net             udp     53
    #
    #       Accept SSH connections from the local network for administration
    #
    ACCEPT          loc             fw              tcp     22
    #
    #       Allow Ping To And From Firewall
    #
    ACCEPT          loc             fw              icmp    8
    ACCEPT          net             fw              icmp    8
    ACCEPT          fw              loc             icmp    8
    ACCEPT          fw              net             icmp    8
    #
    #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
    So what you do is if you want, say, web connections, then replace port 22 with port 80, restart shorewall (which will reflush all your rules) and you should be good to go. Let us know how it went.

    HTH ...

    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    - The truely community run Linux/Floss forum !

    No IT BS !!

  4. #4
    Moderator
    Good Guru
    Compunuts's Avatar
    Join Date
    May 2001
    Location
    California
    Posts
    3,935
    Quote Originally Posted by Schotty
    Being a bit unfamilial with Shorewall, I am going to assume that its a supplement or replacement to iptables.
    Shorewall is a firewall package that makes use of iptables but take away the need to know the settings. All you do is set the simple rules and it takes care of the rest such as actually inserting the rules set in iptables format.

    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    - The truely community run Linux/Floss forum !

    No IT BS !!

  5. #5
    Moderator
    Good Guru
    Schotty's Avatar
    Join Date
    Jul 2001
    Location
    Milwaukee, WI
    Posts
    5,760
    Quote Originally Posted by Compunuts
    Shorewall is a firewall package that makes use of iptables but take away the need to know the settings. All you do is set the simple rules and it takes care of the rest such as actually inserting the rules set in iptables format.
    Thanks for the clarification.

    When it comes to firewalling, I just default to OpenBSD. So I have yet to really learn the firewalling rules more than what CentOS makes me know ;D

    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.


  6. #6
    @ compunuts, i actually forgot the rules file i'm at my parents now (normally i'd ssh to my system ), but tomorrow i'm home so i'll try it then. i'll let you know how it goes but i think with your rules file as an example it shouldn't be that hard.

    thanks all for your replies!

  7. #7
    ok... this is what my rules file looks like:

    Code:
    ACCEPT   net   fw   icmp   8
    ACCEPT   fw   net   icmp
    so that can't be the problem. any other suggestions ?

  8. #8
    Moderator
    Good Guru
    Compunuts's Avatar
    Join Date
    May 2001
    Location
    California
    Posts
    3,935
    So you are pinging from the box OUTSIDE of your firewall box such as from your friend's connection or from your ISP's? If you want to be able to do it, you need to enable loc (local) setting to fw and net.

    Why don't you put all 4 in there and try it that way? Also, remember to restart your shorewall with /usr/sbin/shorewall restart as root.

    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    - The truely community run Linux/Floss forum !

    No IT BS !!

  9. #9
    right now it is set up with only one interface. witch is connected to my router. my 3 other pc's are also on my router and the router connects to the internet and provides stuff like dhcp.

    so i try to ping from a local machine(also 1 interface) to another local machine using the local ip 10.0.0.9. the router simply acts as a switch in this case.

    i can ping from 10.0.0.9 to my other machines, but not the other way around. i even tried to take out the router, put a hub in place and set the ip's manually in stead of dhcp.

  10. #10
    Moderator
    Good Guru
    Compunuts's Avatar
    Join Date
    May 2001
    Location
    California
    Posts
    3,935
    Quote Originally Posted by raceeend
    right now it is set up with only one interface. witch is connected to my router. my 3 other pc's are also on my router and the router connects to the internet and provides stuff like dhcp.
    Okay, now this is the new information. You never told us that a router is involved. Did you check your router to see if there is firewall built into it? If so, is it enabled?

    I use Netgear (crappy POS, dont' get it) wireless AP plus router and it disabled ICMP by default plus enable firewall by default. There is no way for me to disable its firewall. I needed to do all sort of port forwarding to get things going unless I want to put in a box for DMZ.

    i can ping from 10.0.0.9 to my other machines, but not the other way around. i even tried to take out the router, put a hub in place and set the ip's manually in stead of dhcp.
    May be that's because you NEVER had this rule inserted.

    Code:
    ACCEPT          fw              loc             icmp    8
    ACCEPT          loc             fw              icmp    8
    If you only have fw to net, only from WAN will be allowed.

    Another common problem is your computer see another NIC as WAN/LAN while you wanted it to have the other way around. I had that before. I wanted to use built in NIC as WAN and another NIC on PCI port as LAN but for some reason, it sees built in NIC as LAN and the NIC on PCI as WAN. Until I switch the cables, it won't go. Something you can try, I guess.

    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    - The truely community run Linux/Floss forum !

    No IT BS !!

Similar Threads

  1. server problem with connections
    By Omar Bacha in forum Linux - Hardware, Networking & Security
    Replies: 1
    Last Post: 07-10-2008, 11:37 PM
  2. (Plz read)How to use two internet connections in Linux
    By sosaited in forum Linux - Hardware, Networking & Security
    Replies: 4
    Last Post: 04-11-2008, 05:47 PM
  3. About Network Connections.
    By kelvinr2k4 in forum Windows - General Topics
    Replies: 1
    Last Post: 07-19-2006, 12:44 PM
  4. Dialup Connections via G.Policy
    By mjma2000 in forum Windows - General Topics
    Replies: 0
    Last Post: 06-07-2006, 04:56 AM
  5. ISP connections
    By gmoncrief in forum Linux - Hardware, Networking & Security
    Replies: 6
    Last Post: 07-13-2005, 10:45 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •