[Firewall] Squeeze dist-upgrade Wheezy broke internet access.

Randy thejunk.b at gmail.com
Sun Apr 20 17:48:58 CEST 2014


/var/log/arno-iptables-firewall  has alot of entries that look like 
 
Apr 20 10:35:26 external kernel: [590256.651326] AIF:PRIV UDP packet: 
IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:1e:4f:57:ed:07:08:00 
SRC=192.168.0.102 DST=192.168.0.255 LEN=247 TOS=0x00 PREC=0x00 
TTL=64 ID=11425 DF PROTO=UDP SPT=138 DPT=138 LEN=227 
 
Apr 20 10:35:26 external kernel: [590256.651509] AIF:PRIV UDP packet: 
IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:1e:4f:57:ed:07:08:00 
SRC=192.168.0.102 DST=192.168.0.255 LEN=231 TOS=0x00 PREC=0x00 
TTL=64 ID=11426 DF PROTO=UDP SPT=138 DPT=138 LEN=211 
 
Apr 20 10:40:05 external kernel: [590536.427363] AIF:PRIV UDP broadcast: 
IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:f8:1e:df:ef:fb:ee:08:00 SRC=0.0.0.0 
DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=255 ID=26770 
PROTO=UDP SPT=68 DPT=67 LEN=308 
 
Apr 20 10:40:06 external kernel: [590537.041686] AIF:PRIV UDP broadcast: 
IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:f8:1e:df:ef:fb:ee:08:00 SRC=0.0.0.0 
DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=255 ID=26771 
PROTO=UDP SPT=68 DPT=67 LEN=308 
 
I don't have any special network configs.
 
Basically the host acts as a router for my internal network.
 
eth0 = internet (direct connection to cable modem)
eth1 = local network /w dhcp, dns-cache, firewall, and nat
 
A more detailed discription of the issues and current settings can be 
found at http://www.linuxquestions.org/questions/linux-networking-3/squeeze-dist-upgrade-wheezy-broke-internet-access-4175501935/
 
One thing I have not posted there is the routing table
 
route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.7.1     0.0.0.0         UG    0      0        0 eth1
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.7.0     0.0.0.0         255.255.255.224 U     0      0        0 eth1
 
This looks somewhat suspicious to me in that the gateway is on eth1 which 
is my local network.  But that is the way it is listed in 
/etc/network/interfaces and it was working fine bofore the upgrade.
 
I have not had very much time to actually spend on the problem untill 
today.  If you see anything that looks worng please let me know.
 
Another issue  I see often is that the help one can find online is often very 
dated and does not apply because of system changes to Wheezy and 
Jessie.
 
Plodding on....
 
Thanks

On Friday, April 18, 2014 11:23:10 AM Arno van Amersfoort wrote:
> Weird, I'm running Debian as well on several boxes and I've never an
> issue like this. What do your firewalls logs show? Any special
> iptables/network configurations?
> 
> a.
> 
> On 13-Apr-14 21:38, Randy wrote:
> > First let me thank you for a fabulous set of scripts that have worked
> > flawlessly for me.
> > 
> > I have a host that had Debian Squeeze on it and I wanted to add some
> > functionality to it. Before I did it I wanted to update it to wheeezy so
> > it would be good for a couple years. After a successfull upgrade I no
> > longer have internet access through this host.
> > 
> > Do you know of any issues with the configuration of arno's between 
the
> > two versions of debian that may be causing the issue?
> > 
> > I have checked every thing I know to check in the hosts configuration
> > with no joy. The nic's are configured correctly, ip forwarding is turned
> > on, the iptables rules seam to be right, network-manager is not
> > installed, I have uninstalled resolveconf with no joy. I am getting very
> > frustrated with it.
> > 
> > If it was a normal box I would just reinstall it. But that requires
> > opening the case and hooking a cd-drive to it and burning an iso.
> > 
> > --
> > 
> > If it ain't broke tweek it
> > 
> > 
> > 
> > _______________________________________________
> > Firewall mailing list
> > Firewall at rocky.eld.leidenuniv.nl
> > http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
> > Arno's (Linux IPTABLES Firewall) Homepage:
> > http://rocky.eld.leidenuniv.nl
> 
> _______________________________________________
> Firewall mailing list
> Firewall at rocky.eld.leidenuniv.nl
> http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
> Arno's (Linux IPTABLES Firewall) Homepage:
> http://rocky.eld.leidenuniv.nl

-- 
If it ain't broke tweek it
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://rocky.eld.leidenuniv.nl/pipermail/firewall/attachments/20140420/c62f5116/attachment.html>


More information about the Firewall mailing list