[Firewall] Squeeze dist-upgrade Wheezy broke internet access.

Tomas Larsson tomas at tlec.se
Sun Apr 20 17:55:54 CEST 2014


Had the same thing when I did an update last week or so on my CentOS 6.5.

For some reason the update changed default GW to my internal instead of the
external.

Took some time before I realized what was going on.

 

With best regards
Tomas Larsson
tomas at tlec.se

 

From: Firewall [mailto:firewall-bounces at rocky.eld.leidenuniv.nl] On Behalf
Of Randy
Sent: Sunday, April 20, 2014 5:49 PM
To: Arno's IPTABLES firewall script
Subject: Re: [Firewall] Squeeze dist-upgrade Wheezy broke internet access.

 

/var/log/arno-iptables-firewall has a lot of entries that look like:

Apr 20 10:35:26 external kernel: [590256.651326] AIF:PRIV UDP packet: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:1e:4f:57:ed:07:08:00 SRC=192.168.0.102 DST=192.168.0.255 LEN=247 TOS=0x00 PREC=0x00 TTL=64 ID=11425 DF PROTO=UDP SPT=138 DPT=138 LEN=227

Apr 20 10:35:26 external kernel: [590256.651509] AIF:PRIV UDP packet: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:1e:4f:57:ed:07:08:00 SRC=192.168.0.102 DST=192.168.0.255 LEN=231 TOS=0x00 PREC=0x00 TTL=64 ID=11426 DF PROTO=UDP SPT=138 DPT=138 LEN=211

Apr 20 10:40:05 external kernel: [590536.427363] AIF:PRIV UDP broadcast: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:f8:1e:df:ef:fb:ee:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=255 ID=26770 PROTO=UDP SPT=68 DPT=67 LEN=308

Apr 20 10:40:06 external kernel: [590537.041686] AIF:PRIV UDP broadcast: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:f8:1e:df:ef:fb:ee:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=255 ID=26771 PROTO=UDP SPT=68 DPT=67 LEN=308

I don't have any special network configs.

Basically the host acts as a router for my internal network.

eth0 = internet (direct connection to cable modem)

eth1 = local network /w dhcp, dns-cache, firewall, and nat

A more detailed description of the issues and current settings can be found
at
http://www.linuxquestions.org/questions/linux-networking-3/squeeze-dist-upgrade-wheezy-broke-internet-access-4175501935/

One thing I have not posted there is the routing table

route -n

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.7.1     0.0.0.0         UG    0      0        0 eth1
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.7.0     0.0.0.0         255.255.255.224 U     0      0        0 eth1

This looks somewhat suspicious to me in that the gateway is on eth1 which is
my local network. But that is the way it is listed in
/etc/network/interfaces and it was working fine before the upgrade.

I have not had very much time to actually spend on the problem until today.
If you see anything that looks wrong please let me know.

Another issue I see often is that the help one can find online is often very
dated and does not apply because of system changes to Wheezy and Jessie.

Plodding on....

Thanks

 

On Friday, April 18, 2014 11:23:10 AM Arno van Amersfoort wrote:

> Weird, I'm running Debian as well on several boxes and I've never had an
> issue like this. What do your firewall logs show? Any special
> iptables/network configurations?
>
> a.
>
> On 13-Apr-14 21:38, Randy wrote:
> > First let me thank you for a fabulous set of scripts that have worked
> > flawlessly for me.
> >
> > I have a host that had Debian Squeeze on it and I wanted to add some
> > functionality to it. Before I did it I wanted to update it to Wheezy so
> > it would be good for a couple years. After a successful upgrade I no
> > longer have internet access through this host.
> >
> > Do you know of any issues with the configuration of arno's between the
> > two versions of Debian that may be causing the issue?
> >
> > I have checked everything I know to check in the host's configuration
> > with no joy. The NICs are configured correctly, IP forwarding is turned
> > on, the iptables rules seem to be right, network-manager is not
> > installed, I have uninstalled resolvconf with no joy. I am getting very
> > frustrated with it.
> >
> > If it was a normal box I would just reinstall it. But that requires
> > opening the case and hooking a cd-drive to it and burning an iso.
> >
> > --
> > If it ain't broke tweek it
> >
> > _______________________________________________
> > Firewall mailing list
> > Firewall at rocky.eld.leidenuniv.nl
> > http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
> > Arno's (Linux IPTABLES Firewall) Homepage:
> > http://rocky.eld.leidenuniv.nl


 

-- 

If it ain't broke tweek it
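
An added example, not part of the thread and not from the arno-iptables-firewall project: a shell check for the condition both posters describe, a default route that leaves through the internal interface. The function names are hypothetical, the sample table is the `route -n` output quoted above, and eth0 as the internet-facing interface is taken from Randy's description.

```shell
#!/bin/sh
# The `route -n` output quoted in the message above, embedded so this runs offline.
SAMPLE_ROUTES='Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.7.1     0.0.0.0         UG    0      0        0 eth1
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.7.0     0.0.0.0         255.255.255.224 U     0      0        0 eth1'

# Print "iface gateway" for the default route with the lowest metric.
# Reads `route -n` style text on stdin; prints nothing if no default exists.
default_route() {
    awk '
        $1 == "0.0.0.0" && $3 == "0.0.0.0" && $4 ~ /G/ {
            if (best == "" || $5 + 0 < metric) {
                metric = $5 + 0; best = $8 " " $2
            }
        }
        END { if (best != "") print best }
    '
}

# check_default_route EXT_IF: compare the default route read from stdin with
# the interface that is supposed to face the internet.
# Returns 0 if they match, 1 on mismatch, 2 if there is no default route.
check_default_route() {
    ext_if=$1
    found=$(default_route)
    if [ -z "$found" ]; then
        echo "no default route"
        return 2
    fi
    iface=${found%% *}
    gw=${found#* }
    if [ "$iface" != "$ext_if" ]; then
        echo "MISMATCH: default via $gw leaves on $iface, expected $ext_if"
        return 1
    fi
    echo "ok: default via $gw on $iface"
    return 0
}

# On a live host: route -n | check_default_route eth0
printf '%s\n' "$SAMPLE_ROUTES" | check_default_route eth0 || true
```

Run after a dist-upgrade or from cron, a non-zero exit status flags a changed default route before it shows up as lost connectivity.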
