Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

[solved] Blew up my internet access
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Tony0945
Watchman
Watchman


Joined: 25 Jul 2006
Posts: 5127
Location: Illinois, USA
PostPosted: Sun May 05, 2019 2:13 am    Post subject: [solved] Blew up my internet access Reply with quote
Actually, I have it at the point where I can emerge but I can't ping!
Code:
tony@MSI ~ $ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=120 time=12.3 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=120 time=11.7 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=120 time=11.3 ms
^C
--- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 5ms
rtt min/avg/max/mdev = 11.309/11.774/12.271/0.393 ms
tony@MSI ~ $ ssh root@192.168.0.130
Password:
k6 ~ # ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
^C
--- 8.8.8.8 ping statistics ---
155 packets transmitted, 0 received, 100% packet loss, time 174ms


I was trying to setup shorewall and screwed up somehow. This box has three NIC's and I was trying to set up the three zone example.
I have stopped two off the NIC's leaving only the one that been DMZ live. I unmerged shorewall, cleared iptables, turned iptables off and rebooted to no avail.
Attempting to pastebin /etc/conf.d/net resulted in:
Code:
k6 ~ # wgetpaste /etc/conf.d/net
Apparently nothing was received. Perhaps the connection failed. Enable --verbose or
--debug to get the output from wget that can help diagnose it correctly.

Here is /etc/conf.d/net
Code:
config_eth0="dhcp"
#config_wan0="dhcp"

rc_verbose="no"

#configure WAN
config_wan0="192.168.0.107 netmask 255.255.0.0"
routes_wan0="default gw 192.168.0.1"
dns_servers_wan0="8.8.8.8 "

#configure LAN
config_lan0="192.168.0.106 netmask 255.255.255.0"
routes_lan0="default gw 192.168.0.1"
dns_servers_lan0="8.8.8.8 "

#configure WIRELESS
#config_wlan0="192.168.0.2  netmask 255.255.0.0"   
#routes_wlan0="default gw 192.168.0.1"
config_lan2="192.168.0.130 netmask 255.255.255.0"
routes_lan2="default gw 192.168.0.1"
dns_servers_lan2="8.8.8.8 "

#config_eth2="192.168.0.131 netmask 255.255.255.0"
#routes_eth2="default gw 192.168.0.1"
#dns_servers_eth2="127.0.0.1 "



#modules="${modules} !adsl !br2684ctl !bridge !clip !netplugd !ifplugd !ipppd !pump !pppd    "

modules="ethtool !iproute2"    #prefer ifconfig

#modules_wlan0=" ${modules} wpa_supplicant"

#use local dnsmasq

carrier_timeout_lan0=10   #fix for e1000

# The network scripts are now part of net-misc/netifrc
# In order to avoid sys-apps/openrc-0.12.4 from removing this file, this comment was
# added; you can safely remove this comment.  Please see
# /usr/share/doc/netifrc*/README* for more information.


ifdown_lan0="no"
ethtool_change_lan0="wol g"
ifdown="no"
postdown() {
      [ "${IFACE}" = "lan0" ] && ethtool -s "${IFACE}" wol g
             return 0
       }


EDIT: This is a 32 bit system.
EDIT 2: The router log is full of these:
Code:
[INFO]   Sat May 04 22:04:04 2019   Dropped packet from 192.168.0.130 to 8.8.8.8 (IP protocol 1) as unable to create new session
[INFO]   Sat May 04 22:04:04 2019   Internet access port filter dropped packet from 192.168.0.130 to 0.0.0.34 (protocol 134744072)
[INFO]   Sat May 04 22:04:04 2019   Dropped packet from 192.168.0.130 to 8.8.8.8 (IP protocol 1) as unable to create new session
[INFO]   Sat May 04 22:04:04 2019   Internet access port filter dropped packet from 192.168.0.130 to 0.0.0.33 (protocol 134744072)


Last edited by Tony0945 on Sun May 05, 2019 12:10 pm; edited 1 time in total
Back to top
View user's profile Send private message
Ant P.
Watchman
Watchman


Joined: 18 Apr 2009
Posts: 6920
PostPosted: Sun May 05, 2019 3:27 am    Post subject: Reply with quote
Sounds like something is corrupting packets. 134744072 is decimal for 0x08080808 - that's the IP address, not a protocol.

"unable to create new session" isn't a string that exists in the kernel, so something else is causing it.
Back to top
View user's profile Send private message
Tony0945
Watchman
Watchman


Joined: 25 Jul 2006
Posts: 5127
Location: Illinois, USA
PostPosted: Sun May 05, 2019 12:09 pm    Post subject: Reply with quote
192.168.0.130 Was the problem. That address was already assigned to a HP wireless printer. The printer's net access is restricted so the router was blocking traffic, but not all traffic. Not to mention duplicate addresses on the same local net. It was a wonder that I could ssh in.

I apologize for wasting forum time on such a stupid mistake.
Back to top
View user's profile Send private message
krinn
Watchman
Watchman


Joined: 02 May 2003
Posts: 7470
PostPosted: Sun May 05, 2019 12:38 pm    Post subject: Reply with quote
Tony0945 wrote:
I apologize for wasting forum time on such a stupid mistake.

you're wrong, people will see your mistake and might remember to check that ; almost all threads are useful and not a waste of time.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2024 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy