Skupiny Google už nepodporují nová předplatná ani příspěvky Usenet. Historický obsah lze zobrazit stále.
Dismiss

Problem with dlink DSL-Router

3 zobrazení
Přeskočit na první nepřečtenou zprávu

Markus Lechner

nepřečteno,
31. 10. 2002 18:50:0731.10.02
komu:
Hello,

first, i'm not on this list, so please cc me if you think you know what my
problem is.

I have a dlink DI-804 switch/DSL-Router and want to use it without it's
integrated DHCP funktionality.

So i disabled DHCP.

I can ping it, use it's web-interface to configure it or do this via it's
telnet-interface - no problem so far.

192.168.1.0 is my net.
192.168.1.100 is the IP of my PC.
192.168.1.254 is the IP of the dlink.

I have no problem using the DSL-Modem via PPPOE directly - everything works
fine.

But when i try to use the dlink between my PC and the modem - problems arise.

The dlink immediately opens a DSL-connection - so this is ok. He has the IP
and an external gateway.

But i just can't reach any websites - no matter what kind of address.

ping www.debian.de
ping: unknown host www.debian.de

ping 145.253.2.171
PING 145.253.2.171 (145.253.2.171) from 192.168.1.100 : 56(84) bytes of data.
ping: sendmsg: Operation not permitted
ping: sendmsg: Operation not permitted

--- 145.253.2.171 ping statistics ---
2 packets transmitted, 0 received, 100% loss, time 1020ms

These are my routes:
route
Kernel IP Routentabelle
Ziel Router Genmask Flags Metric Ref Use Iface
192.168.1.254 * 255.255.255.255 UH 0 0 0 eth0
192.168.2.0 * 255.255.255.0 U 0 0 0 vmnet8
localnet * 255.255.255.0 U 0 0 0 eth0
localnet * 255.255.255.0 U 0 0 0 irda0
default 192.168.1.254 0.0.0.0 UG 0 0 0 eth0

My resolv.conf:
cat /etc/resolv.conf
nameserver 145.253.2.171
nameserver 145.253.2.203

With resolv.conf, there is another interesting thing. I don't know what it
means. The nameserver addresses that i got from my provider are different.
When i insert them again, next time i use pppd they change to the ones i send
you now. I don't know if the dlink can do this, too. But it seems not to be
the problem, right?

This is what my dlink says:
WAN MAC Address : 00-05-5D-DB-9B-32
Current IP : 213.23.6.138
Current IP Mask : 255.255.255.0
Current Gateway : 145.253.1.223
Current DNS1 : 145.253.2.11
Current DNS2 : 145.253.2.75

LAN MAC Address : 00-05-5D-DB-9B-31
Current IP : 192.168.1.254
Current Subnet Mask : 255.255.255.0

DHCP : Disable
Starting IP Address : 192.168.0.100
Number of IP Addresses : 100

Can you help me?
What am I doing wrong?

Thanks,

Markus Lechner


--
To UNSUBSCRIBE, email to debian-is...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listm...@lists.debian.org

Jeremy C. Reed

nepřečteno,
31. 10. 2002 19:20:0731.10.02
komu:

> 192.168.1.0 is my net.

> Starting IP Address : 192.168.0.100

Should this be the same?

(Or show us your ifconfig.)

Jeremy C. Reed
...................................................
BSD software, documentation, resources, news...
http://bsd.reedmedia.net/

Markus Lechner

nepřečteno,
31. 10. 2002 20:40:1531.10.02
komu:
> > 192.168.1.0 is my net.
> >
> > Starting IP Address : 192.168.0.100
>
> Should this be the same?
>
> (Or show us your ifconfig.)
>
Ah, this is a relict from the original address of the router - it was
192.168.0.1. But this should not be a problem - DHCP is disabled, so the
range is not a parameter of interest anymore.

BTW - i subscribed to the list now.

Anyway, my ifconfig:
ifconfig
eth0 Protokoll:Ethernet Hardware Adresse 00:20:E0:6B:6A:64
inet Adresse:192.168.1.100 Bcast:192.168.1.255 Maske:255.255.255.0
inet6 Adresse: fe80::220:e0ff:fe6b:6a64/10
Gültigkeitsbereich:Verbindung
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:2261036 errors:0 dropped:0 overruns:0 frame:1
TX packets:1861802 errors:0 dropped:0 overruns:2 carrier:0
Kollisionen:0 Sendewarteschlangenlänge:100
RX bytes:1855772469 (1.7 GiB) TX bytes:1152573277 (1.0 GiB)
Interrupt:10 Basisadresse:0xd000

irda0 Protokoll:IrLAP Hardware Adresse 3c:26:43:12
inet Adresse:192.168.1.101 Maske:255.255.255.0
UP RUNNING NOARP MTU:2048 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:78491 errors:0 dropped:0 overruns:0 carrier:0
Kollisionen:0 Sendewarteschlangenlänge:8
RX bytes:0 (0.0 b) TX bytes:2490293 (2.3 MiB)
Interrupt:3 Basisadresse:0x2f8

lo Protokoll:Lokale Schleife
inet Adresse:127.0.0.1 Maske:255.0.0.0
inet6 Adresse: ::1/128 Gültigkeitsbereich:Maschine
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:428468 errors:0 dropped:0 overruns:0 frame:0
TX packets:428468 errors:0 dropped:0 overruns:0 carrier:0
Kollisionen:0 Sendewarteschlangenlänge:0
RX bytes:95725151 (91.2 MiB) TX bytes:95725151 (91.2 MiB)

Matias Lambert

nepřečteno,
1. 11. 2002 14:20:0801.11.02
komu:
Hi Markus,
I think that your problem is that you have some filter in your output chain of
you firewall configuration.
If you use iptable, you can view the filter with the command "iptables -L OUTPUT
-n -v"
regards,
Matias Lambert

Markus Lechner

nepřečteno,
1. 11. 2002 18:30:1801.11.02
komu:
> I think that your problem is that you have some filter in your output chain
> of you firewall configuration.
> If you use iptable, you can view the filter with the command "iptables -L
> OUTPUT -n -v"

This is the output - seems to be completely open:

iptables -L OUTPUT -n -v

Chain OUTPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
553K 125M ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0

0 0 ACCEPT all -- * eth0 0.0.0.0/0
255.255.255.255
0 0 ACCEPT all -- * irda0 0.0.0.0/0
255.255.255.255
0 0 ACCEPT all -- * vmnet8 0.0.0.0/0
255.255.255.255
4757 575K ACCEPT all -- * eth0 0.0.0.0/0
192.168.1.0/24
0 0 ACCEPT all -- * irda0 0.0.0.0/0
192.168.1.0/24
2655 340K ACCEPT all -- * vmnet8 0.0.0.0/0
192.168.2.0/24
0 0 ACCEPT !tcp -- * eth0 0.0.0.0/0
224.0.0.0/4

0 0 ACCEPT !tcp -- * irda0 0.0.0.0/0
224.0.0.0/4

0 0 ACCEPT !tcp -- * vmnet8 0.0.0.0/0
224.0.0.0/4

0 0 LOG all -- * ppp0 0.0.0.0/0
192.168.1.0/24 LOG flags 0 level 4
0 0 DROP all -- * ppp0 0.0.0.0/0
192.168.1.0/24
0 0 LOG all -- * ppp0 0.0.0.0/0
192.168.1.0/24 LOG flags 0 level 4
0 0 DROP all -- * ppp0 0.0.0.0/0
192.168.1.0/24
0 0 LOG all -- * ppp0 0.0.0.0/0
192.168.2.0/24 LOG flags 0 level 4
0 0 DROP all -- * ppp0 0.0.0.0/0
192.168.2.0/24
0 0 ACCEPT all -- * ppp0 0.0.0.0/0
255.255.255.255
1239K 1108M ACCEPT all -- * ppp0 212.144.221.8 0.0.0.0/0

0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 4
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0

Matias Lambert

nepřečteno,
4. 11. 2002 8:30:1504.11.02
komu:
Hi Markus,
The packets go trought eth0 interface, You show it in the other email.

>route
>Kernel IP Routentabelle
>Ziel Router Genmask Flags Metric Ref Use Iface
>192.168.1.254 * 255.255.255.255 UH 0 0 0 eth0
>192.168.2.0 * 255.255.255.0 U 0 0 0 vmnet8
>localnet * 255.255.255.0 U 0 0 0 eth0
>localnet * 255.255.255.0 U 0 0 0 irda0
>default 192.168.1.254 0.0.0.0 UG 0 0 0 eth0

( If I understand you, you are not using pppoe, you are trying to route the
packets, is it ok? ).

You should have a rule in the output chain that ACCEPT packets to the
destination ( 0.0.0.0 or what you want ) for the interface eth0.
In your output chain you only accept packets with output interface eth0 to
255.255.255.255 ( broadcast ), to 224.0.0.0 ( multicast ) and to 192.168.1.0/24
( this is why you can ping and manage your dlink ).
That I can't understand is why you have a 0 in the drop packets count, do you
reset the counters before list the output?
Regards,
Matias Lambert

Markus Lechner

nepřečteno,
26. 11. 2002 0:20:0626.11.02
komu:
Hi Matias,

> ( If I understand you, you are not using pppoe, you are trying to route the
> packets, is it ok? ).
>

Yes.

> You should have a rule in the output chain that ACCEPT packets to the
> destination ( 0.0.0.0 or what you want ) for the interface eth0.
> In your output chain you only accept packets with output interface eth0 to
> 255.255.255.255 ( broadcast ), to 224.0.0.0 ( multicast ) and to
> 192.168.1.0/24 ( this is why you can ping and manage your dlink ).
>

Ok, i did this. But it did not work. I forgot that i used ipmasq, too, so i
disabled it. Maybe this interfered, don't know. And i changed the INPUT chain
in the same manner (which may be wrong, because then all the benefits of
packet filtering are gone).

Now the situation is the following:
I can ping the interface itself (the ppp-link held by the dlink) and i can
ping the gateway for this interface (which is already an outside address). I
can ping all the addresses outside - not by their names, but only by their
numerical addresses. So this is now a nameserver problem. The strange part is
that i can't reach those numerical addresses with any browser.

My resolv.conf looks like this:
search mydomain.net
nameserver 127.0.0.1
nameserver 192.168.1.254 (this is the dlink)
nameserver ... (of my provider)
nameserver ... (of my provider)

I read that the resolv.conf does only accept 3 addresses and played around a
bit. But no matter what combination i tried, i can't ping addresses by their
names but only by their numerical addresses. I disabled the internal firewall
and filter of the dlink completely just to make sure that this is not the
problem.

What am i doing wrong?
What's with the hosts,deny or hosts.allow files? Are they the ones i have to
modify?

> That I can't understand is why you have a 0 in the drop packets count, do
> you reset the counters before list the output?
>

Either i did a reboot or it's simply because i used pppoe without the dlink.

Thanks so far,

Mac

0 nových zpráv