Re: dhcp & kernel: Unknown InputIN=eth0 ...: msg#00007

security.firewalls.firestarter.user

Subject: Re: dhcp & kernel: Unknown InputIN=eth0 ...

On Fri, 2005-08-07 at 19:11 -0400, David Niemi wrote:
> On Fri, 2005-08-07 at 18:07 -0500, Ryan wrote:
> > On Fri, 2005-07-08 at 09:27 -0400, David Niemi wrote:
> > > With the help of others I have gotten my FC4 system almost working,
> > > except for firestarter. The system provides the firewall on eth1 and
> > > dhcp on eth0 for my home network. I have the following kernel errors:
> > >
> > > Jul 7 19:10:37 rhonda dhcpd: Can't remove old lease database
> > > backup /var/lib/dhcp/dhcpd.leases~: Permission denied
> > > ....
> > > Jul 7 19:10:37 rhonda dhcpd:
> > > Jul 7 19:10:37 rhonda dhcpd: Listening on
> > > LPF/eth0/00:e0:4c:20:eb:c3/192.168.0/24
> > > Jul 7 19:10:37 rhonda dhcpd: Sending on
> > > LPF/eth0/00:e0:4c:20:eb:c3/192.168.0/24
> > > Jul 7 19:10:37 rhonda dhcpd: Sending on Socket/fallback/fallback-net
> > > Jul 7 19:10:37 rhonda dhcpd: dhcpd startup succeeded
> > > Jul 7 19:10:43 rhonda dhcpd: DHCPDISCOVER from 00:01:29:f9:02:86 via
> > > eth0
> > > Jul 7 19:10:43 rhonda kernel: Unknown InputIN=eth0 OUT=
> > > MAC=ff:ff:ff:ff:ff:ff:XX:XX:XX:f9:02:86:08:00 SRC=0.0.0.0
> > > DST=255.255.255.255 LEN=328 TOS=0x10 PREC=0x00 TTL=16 ID=0 PROTO=UDP
> > > SPT=68 DPT=67 LEN=308
> > > Jul 7 19:10:44 rhonda dhcpd: DHCPOFFER on 192.168.0.200 to
> > > 00:01:29:f9:02:86 (DavesA64.daveshome) via eth0
> > > Jul 7 19:10:44 rhonda kernel: Unknown InputIN=eth0 OUT=
> > > MAC=ff:ff:ff:ff:ff:ff:XX:XX:XX:f9:02:86:08:00 SRC=0.0.0.0
> > > DST=255.255.255.255 LEN=328 TOS=0x10 PREC=0x00 TTL=16 ID=0 PROTO=UDP
> > > SPT=68 DPT=67 LEN=308
> > >
> > > The dhcp.leases~ has the following properties:
> > > -rw-r--r-- root root system_u:object_r:dhcpc_state_t
> > > /var/lib/dhcp/dhcpd.leases~
> > >
> > > eth0 seems to be running and configured fine but the kernel is not
> > > recognizing the Input from it, iptables or firestarter configuration
> > > error?
> > >
> > > I tried Googling with no success and haven't seen any similar messages.
> > > Any ideas on how I can get this working?
> >
> > If you don't do DHCP and assign workstations static IPs can they surf?
> > Can they ping the firewall?
> >
>
> I'd rather not get into setting static IPs as I connect my notebook to a
> couple different networks and as it is a work notebook they really don't like
> me monkeying with some of those settings.
>
> It seems that one of the firewall settings is not right so it isn't
> allowing the communication out to the home network from the firewall
> for dhcp etc.
>

Here is part of the results of iptables -L -n. I am curious about
the NR in the INPUT chain DROP policy. Is there any reason from the
below as to why dhcp won't work and/or I can't communicate with the home
network?

Chain FORWARD (policy DROP)
target      prot opt source            destination
ACCEPT      icmp --  0.0.0.0/0         0.0.0.0/0         limit: avg 10/sec burst 5
TCPMSS      tcp  --  0.0.0.0/0         0.0.0.0/0         tcp flags:0x06/0x02 TCPMSS clamp to PMTU
OUTBOUND    all  --  0.0.0.0/0         0.0.0.0/0
ACCEPT      tcp  --  0.0.0.0/0         192.168.0.0/24    state RELATED,ESTABLISHED
ACCEPT      udp  --  0.0.0.0/0         192.168.0.0/24    state RELATED,ESTABLISHED
LOG_FILTER  all  --  0.0.0.0/0         0.0.0.0/0
LOG         all  --  0.0.0.0/0         0.0.0.0/0         LOG flags 0 level 6 prefix `Unknown Forward'

Chain INBOUND (4 references)
target      prot opt source            destination
ACCEPT      tcp  --  0.0.0.0/0         0.0.0.0/0         state RELATED,ESTABLISHED
ACCEPT      udp  --  0.0.0.0/0         0.0.0.0/0         state RELATED,ESTABLISHED
ACCEPT      all  --  192.168.0.160/27  0.0.0.0/0
ACCEPT      tcp  --  192.168.0.0/24    0.0.0.0/0         tcp dpt:22
ACCEPT      udp  --  192.168.0.0/24    0.0.0.0/0         udp dpt:22
ACCEPT      tcp  --  192.168.1.102     0.0.0.0/0         tcp dpt:22
ACCEPT      udp  --  192.168.1.102     0.0.0.0/0         udp dpt:22
ACCEPT      tcp  --  192.168.0.0/24    0.0.0.0/0         tcp dpts:67:68
ACCEPT      udp  --  192.168.0.0/24    0.0.0.0/0         udp dpts:67:68
LSI         all  --  0.0.0.0/0         0.0.0.0/0

Chain INPUT (policy DROP)
target      prot opt source            destination
ACCEPT      tcp  --  24.153.22.67      0.0.0.0/0         tcp flags:!0x16/0x02
ACCEPT      udp  --  24.153.22.67      0.0.0.0/0
ACCEPT      tcp  --  24.153.23.66      0.0.0.0/0         tcp flags:!0x16/0x02
ACCEPT      udp  --  24.153.23.66      0.0.0.0/0
ACCEPT      all  --  0.0.0.0/0         0.0.0.0/0
ACCEPT      icmp --  0.0.0.0/0         0.0.0.0/0         limit: avg 10/sec burst 5
NR          all  --  !192.168.1.0/24   0.0.0.0/0
DROP        all  --  0.0.0.0/0         255.255.255.255
DROP        all  --  0.0.0.0/0         192.168.1.255
DROP        all  --  224.0.0.0/8       0.0.0.0/0
DROP        all  --  0.0.0.0/0         224.0.0.0/8
DROP        all  --  255.255.255.255   0.0.0.0/0
DROP        all  --  0.0.0.0/0         0.0.0.0
DROP        all  --  0.0.0.0/0         0.0.0.0/0         state INVALID
LSI         all  -f  0.0.0.0/0         0.0.0.0/0         limit: avg 10/min burst 5
INBOUND     all  --  0.0.0.0/0         0.0.0.0/0
INBOUND     all  --  0.0.0.0/0         192.168.0.1
INBOUND     all  --  0.0.0.0/0         192.168.1.105
INBOUND     all  --  0.0.0.0/0         192.168.0.255
LOG_FILTER  all  --  0.0.0.0/0         0.0.0.0/0
LOG         all  --  0.0.0.0/0         0.0.0.0/0         LOG flags 0 level 6 prefix `Unknown Input'
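
Added example (not part of the original message or of Firestarter): a small Python check that parses the "Unknown Input" kernel line quoted above and tests it against the destination-scoped INBOUND jumps and the INBOUND ACCEPT rules transcribed from the listing. Assumptions: the any/any INBOUND jump and the state-match rules are not modelled, because `iptables -L -n` without `-v` does not show interface matches, and the RENEWAL line is a constructed contrast case.

```python
import ipaddress
import re

# Kernel log line copied from the post (three MAC bytes are masked on the page).
DISCOVER = ("Jul 7 19:10:43 rhonda kernel: Unknown InputIN=eth0 OUT= "
            "MAC=ff:ff:ff:ff:ff:ff:XX:XX:XX:f9:02:86:08:00 SRC=0.0.0.0 "
            "DST=255.255.255.255 LEN=328 TOS=0x10 PREC=0x00 TTL=16 ID=0 "
            "PROTO=UDP SPT=68 DPT=67 LEN=308")
# Constructed contrast case (not from the post): unicast renewal from a leased address.
RENEWAL = ("kernel: IN=eth0 OUT= SRC=192.168.0.200 DST=192.168.0.1 "
           "PROTO=UDP SPT=68 DPT=67 LEN=308")

# Destination-scoped jumps to INBOUND in the posted INPUT chain.
# The any/any jump is left out (assumption: it carries a hidden interface match).
INBOUND_JUMP_DSTS = ["192.168.0.1", "192.168.1.105", "192.168.0.255"]

# Stateless ACCEPT rules of the posted INBOUND chain: (proto, source, dport range).
# None means "any"; the RELATED,ESTABLISHED rules are not modelled.
INBOUND_ACCEPTS = [
    (None, "192.168.0.160/27", None),
    ("tcp", "192.168.0.0/24", (22, 22)), ("udp", "192.168.0.0/24", (22, 22)),
    ("tcp", "192.168.1.102", (22, 22)), ("udp", "192.168.1.102", (22, 22)),
    ("tcp", "192.168.0.0/24", (67, 68)), ("udp", "192.168.0.0/24", (67, 68)),
]

def parse_log(line):
    """Return the KEY=value fields of a netfilter LOG line (last duplicate wins)."""
    return dict(re.findall(r"([A-Z]+)=(\S*)", line))

def matches_accept(pkt, rule):
    """True if the parsed packet satisfies one transcribed INBOUND ACCEPT rule."""
    proto, source, dports = rule
    if proto and pkt["PROTO"].lower() != proto:
        return False
    if ipaddress.ip_address(pkt["SRC"]) not in ipaddress.ip_network(source):
        return False
    return dports is None or dports[0] <= int(pkt["DPT"]) <= dports[1]

def evaluate(line):
    """Report whether the packet reaches INBOUND by destination and what accepts it."""
    pkt = parse_log(line)
    return {"src": pkt["SRC"], "dst": pkt["DST"],
            "reaches_inbound": pkt["DST"] in INBOUND_JUMP_DSTS,
            "accept_rules": [r for r in INBOUND_ACCEPTS if matches_accept(pkt, r)]}

if __name__ == "__main__":
    for name, line in (("DISCOVER", DISCOVER), ("RENEWAL", RENEWAL)):
        print(name, evaluate(line))
```

For the logged DHCPDISCOVER both checks come back negative (SRC=0.0.0.0 is outside 192.168.0.0/24 and DST=255.255.255.255 is not one of the listed jump destinations), which is consistent with the packet running through to the final LOG rule; the constructed renewal matches the udp dpts:67:68 rule.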




