[Firewall] Something about v1.9.2j

Dmitry pmf026 at int13.ru
Wed Mar 3 13:19:10 CET 2010


Here's my 'ip link show':

where eth0 is my ISP's LAN (external net), eth1 is my LAN (internal 
net), eth2 is DMZ (my wlan) and ppp25 is internet (via eth0, external)

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast 
state UNKNOWN qlen 1000 link/ether 00:80:48:4e:28:27 brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast 
state UNKNOWN qlen 1000 link/ether 00:80:48:4e:27:fb brd ff:ff:ff:ff:ff:ff
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast 
state UNKNOWN qlen 1000 link/ether 00:50:fc:c1:5e:00 brd ff:ff:ff:ff:ff:ff
229: ppp25: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1460 qdisc 
pfifo_fast state UNKNOWN qlen 3 link/ppp

Weird. Link state "UNKNOWN" I don't get it...why? any help will be 
appreciated.. I think some module is missing... its been running like 
this for almost 4 or 5 years xD

I'm running GNU/Linux Debian Lenny 5.0 (2.6.26-2-686).


Arno van Amersfoort пишет:
> Thanks for reporting the uninstall bug. I've fixed it.
>
> About the non existing interface errors. Mind posting the output of 
> "ip link show" ?
>
> Are you sure the firewall is started AFTER the network has been 
> brought up?
>
> And about the space/comma thing in variables. Most of the time both 
> work. Rule of the thumb is that space seperation should be used when 
> you want to group certain rules when using eg. interface restrictions 
> (which most ppl don't). For variables only takes interfaces both 
> spaces & commas are fine.
>
> a.
>
>
> Dmitry wrote:
>> Ok, I've upgraded from v1.9.2a to the latest build..
>>
>> Uninstall.sh has mistaken Y/N answers.. so No = Yes, and Yes = No... 
>> Do you want to uninstall? I press Y, and script takes it as No.
>>
>>
>> and when I run the script I see this:
>>
>> *************
>> Arno's Iptables Firewall Script v1.9.2j
>> ------------------------------------------------------------------------------- 
>>
>> Sanity checks passed...OK
>> NOTE: External interface eth0 does NOT exist (yet?)
>> NOTE: External interface ppp25 does NOT exist (yet?)
>> NOTE: Internal interface eth1 does NOT exist (yet?)
>> NOTE: DMZ interface eth2 does NOT exist (yet?)
>>
>> *************
>>
>> But all those interfaces are up and running. Everything is working 
>> well, but it's a little bit confusing...
>>
>> And a question, sometimes it says (in comments) that multiple 
>> interfaces should be space separated and sometimes comma separated... 
>> which separation method should I use?
>>
>> Thank you.
>>
>> Sincerely yours,
>> Dmitry.
>>
>> _______________________________________________
>> Firewall mailing list
>> Firewall at rocky.eld.leidenuniv.nl
>> http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
>> Arno's (Linux IPTABLES Firewall) Homepage:
>> http://rocky.eld.leidenuniv.nl
>>
>



More information about the Firewall mailing list