Ipchains stops forwarding packets??

Ipchains stops forwarding packets??

Post by Johan Cronj » Fri, 04 Aug 2000 04:00:00



Hi

I have a weird problem regarding ipchains.  I have a firewall using ipchains
that masquerades packets form a LAN to the internet.  It worked well for
about 5 months now.  Recently the sever started to just stop forwarding the
packets through the firewall.  This happens about 1 to 2 times a day.  If I
run the ipchains script ( flush all the rules and put them in again ),
everything is then back to normal.  In the ipchains log file, the following
message appears at the end:
eth0 went into promiscuous mode.
eth0 went out of promiscuous mode.

This message appears about 4 times at the end of the log file.

If anyone has encountered the same problem and can help me to solve it, I
would appreciate it. ( I am using RH 6.1 )

Thanks for your help.

 
 
 

Ipchains stops forwarding packets??

Post by Chris Ahlstro » Fri, 04 Aug 2000 04:00:00



> Hi

> I have a weird problem regarding ipchains.  I have a firewall using ipchains
> that masquerades packets form a LAN to the internet.  It worked well for
> about 5 months now.  Recently the sever started to just stop forwarding the
> packets through the firewall.  This happens about 1 to 2 times a day.  If I
> run the ipchains script ( flush all the rules and put them in again ),
> everything is then back to normal.  In the ipchains log file, the following
> message appears at the end:
> eth0 went into promiscuous mode.
> eth0 went out of promiscuous mode.

Something similar has happened to me a couple times.  Start scanning
your system for intruders.  If you keep your system running all the
time,
some doofus will take an interest in it.

Chris

--
[X] Check here to always trust content from Chris
[ ] Check here to always trust e-mail sent using Microsoft software

 
 
 

Ipchains stops forwarding packets??

Post by CRAIG E RANSO » Fri, 04 Aug 2000 04:00:00




Quote:> eth0 went into promiscuous mode.
> eth0 went out of promiscuous mode.

Hmm. Weird! If you can, try to replace the Ehternet card with
another. Could be some weird hardware thing!

-- Craig (The Data Ferret)
http://www.pcferret.com/ for RARS, NetClip
Using Virtual Access 5.01 build 301 in Win98
Registered with the Linux Counter.  http://counter.li.org
ID #184149
"Do not meddle in the affairs of FERRETS..."

 
 
 

Ipchains stops forwarding packets??

Post by Manfred Bart » Fri, 04 Aug 2000 04:00:00



> eth0 went into promiscuous mode.
> eth0 went out of promiscuous mode.

> This message appears about 4 times at the end of the log file.

Promiscuous mode is used by programs like tcpdump, ethereal, ... and
by password sniffers.  Unless you have run one of those programs
yourself, it looks like your system has been compromised.  In the
latter case, and if you are using programs like telnet, ftp or pop on
your LAN, your other systems are probably compromised too.

--
Manfred Bartz

 
 
 

1. ipchains - forwarding - packet filtering

okay.. here is my scenario..

|---------------------------------------------------ISP
                                         |
                      DSL/CABLE(192.168.0.1)
                          ROUTER / SWITCH
                              |            |
                              |            |------------eth0 - LINUX BOX -
eth1 ------------  WIN2k IIS SERVER (192.168.10.2)
                              |              (192.168.0.2)
(192.168.10.1)
                              |
                              |
                              |---------LAPTOP(192.168.0.3)

The IIS Server is Running on PORT 80
From the Linux BOX, with Netscape Communicator.. I CAN connect to the win2k
IIS Machine by typing in it's IP .. (192.168.10.2)
However from the LAPTOP (192.168.0.3) I type in 192.168.0.2 and I would like
it to forward the request to the Win2k IIS Server on port 80..
This is not the CASE.. instead, the "connection with the server could not be
established"
I'm sure there is a ipchains line that will forward traffic arriving at
192.168.0.2 (eth0) through the Linux Box, out eth1 .. and into the IIS
Server.

The following is the only line in my ipchains..  it is allowing my win2k IIS
Server to communicate with the internet or the Laptop (192.168.0.3)

-A forward -i eth0 -s 192.168.10.0/24 -d 0.0.0.0/0 -j MASQ

At this point I am not concerned in being able to make the connection to the
IIS Server From the internet..  I would like to be able to type the linux
box eth0 IP in my browser (laptop) and have it forward me through to the IIS
Server.

- Thanks -

2. diald problems

3. ipchains: How do I forward packets from a specific port to another machine?

4. wield CDROM problem with 4.3 CD???

5. ipchains: forwarding packets HELP!!!

6. connection to modem hangs

7. Newbie, how do I stop loosing my forward rule in ipchains

8. Cannot rm /dev/hd6 (state always active)

9. IPCHAINS: Forwarding packets to specific devices

10. Stopping packet forwarding

11. IPCHAINS -F (or) IPCHAINS -F input, output, forward

12. Using "ipchains -P forward DENY" instead of disabling ip-forwarding?

13. Ipchains Port Forwarding RealEncoder