[ale] Internet Connection

Dow Hurst dhurst at kennesaw.edu
Tue Mar 12 15:46:47 EST 2002 

Drew,
I know that this seems very frustrating but reinstalling would not
help.  In fact, changing the values in a few text files that configure
parts of the system is all that is needed.

>From the output below I can see you have a default route set as:

Destination     Gateway         Genmask         Flags   MSS Window  irtt
Iface
0.0.0.0         192.168.123.254 0.0.0.0         UG       40 0          0
eth0

I am wondering why you have a subnet of xxx.xxx.123.xxx showing up when
your eth0 interface is probably set to: 192.168.1.xxx?  Why don't you
post the output of ifconfig -a on the list and I'll take a looksee.  To
set your machine to rights, you have already done much that is right.

Putting your ISPs nameservers in the /etc/resolv.conf file is correct. 
Making your default route point to the cable modem's inside interface is
correct.  Is your cable modem's inside interface 192.168.123.254? (Same
question as what I asked above just stated differently)

If you can ping your cable modem's inside interface:
ping 192.168.123.254

then that is a start.  Your ifconfig -a command should show your eth0
interface as 192.168.123.xxx.  If it doesn't then your subnetting is
screwed up.  Your netmask is what divides up your network and should be
255.255.255.0 for your situation.  Jerry Yu is probably right that your
cable modem isn't truly connected if your other machines can't get out
either.  You don't need a SEARCH command in your /etc/resolv.conf since
the /etc/nsswitch.conf takes precedence in configuring the nscd, name
service caching daemon.  At this point, I would just make sure that all
your home networked machines have the same subnetting scheme and netmask
such as 192.168.1.x and 255.255.255.0 to start with.  After this, I
would test pinging the cable modem's inside interface from each
machine.  Then test to see which machines can ping beyond the cable
modem.  Does your cable modem have a default firewall built into it to
prevent the outside world from reaching into your home?  If not then I
would leave the ipchains running on the Linux machine.  You should
duplicate for the ipchain's output chain what you have for the input
chain or you won't pass packets properly.  After looking at older posts
below I can see your chain rules are pretty restrictive so you can't use
ping but must use "telnet IP port#", such as telnet 192.168.1.5 80 to
test your connectivity.  If you put in an ICMP rule for ping then you
could use it.  I am coming in late to this so I hope I haven't
duplicated other posts too much.
Dow



"ChangingLINKS.com" wrote:
> 
> ALE, 03-12-02 1407
> Ok, I have tried the following 10 things (per advice from this list), and my
> Internet connection still does not work. Is there a way that I can remove
> -everything- related to networking and internet connection and reinstall the
> rpms from the CD? Normally, when I have a problem like this I do a re-install
> of the entire OS, but I am hoping that if I learn to fix this problem, then I
> will have to do less re-installs in the future and save time on computer
> upkeep.
> 
> 1. [root at tb1200 root]# ipchains -F
> ipchains: Incompatible with this kernel
> 
> 2. [root at tb10 root]# netstat -nr
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
> 192.168.123.254 0.0.0.0         255.255.255.255 UH       40 0          0 eth0
> 192.168.1.0     0.0.0.0         255.255.255.0   U        40 0          0 eth0
> 127.0.0.0       0.0.0.0         255.0.0.0       U        40 0          0 lo
> 0.0.0.0         192.168.123.254 0.0.0.0         UG       40 0          0 eth0
> 
> 3. [root at tb10 root]# ping 216.239.51.101
> PING 216.239.51.101 (216.239.51.101) from 192.168.1.130 : 56(84) bytes of
> data.
> --- 216.239.51.101 ping statistics ---
> 9 packets transmitted, 0 packets received, 100% packet loss
> You have new mail in /var/spool/mail/root
> [root at tb1200 root]#
> 
> 4. Check and see what your /etc/resolv.conf looks like to make sure it isn't
> looking for a nameserver that isn't there.
> resolv.conf contained no text
> 
> 5. [root at tb10 root]# rpm -qa ipch*
> ipchains-1.3.10-10
> 
> 6. [root at tb10 root]# rpm -e ipchains-1.3.10-10
> error: removing these packages would break dependencies:
>         ipchains is needed by lokkit-0.50-6
>         ipchains is needed by firewall-config-0.95-4
>         ipchains is needed by gnome-lokkit-0.50-6
> 
> 7. [root at tb10 root]# rpm -e ipchains-1.3.10-10 lokkit-0.50-6
> firewall-config.0.95
> -4 gnome-lokkit-.50-6
> error: package lokkit-0.50-6 is not installed
> error: package firewall-config.0.95-4 is not installed
> error: package gnome-lokkit-.50-6 is not installed
> 
> 8. [root at tb10 root]# /etc/rc.d/init.d/network stop &&
> /etc/rc.d/init.d/ipchains stop \
> > && modprobe -r ipchains && /etc/rc.d/init.d/iptables start && iptables -L -n
> Shutting down interface eth0:                              [  OK  ]
> bash: /etc/rc.d/init.d/ipchains: No such file or directory
> [root at tb1200 root]#
> 
> 9.[root at tb10 root]# /etc/rc.d/init.d/network start
> Setting network parameters:                                [  OK  ]
> Bringing up interface lo:                                  [  OK  ]
> Bringing up interface eth0:                                [  OK  ]
> [root at tb1200 root]# ping 216.239.51.101
> PING 216.239.51.101 (216.239.51.101) from 192.168.1.130 : 56(84) bytes of
> data.
> 
> --- 216.239.51.101 ping statistics ---
> 23 packets transmitted, 0 packets received, 100% packet loss
> [root at tb1200 root]#
> 
> 10. Added the following to /etc/resolv.conf I decided to make the file like
> the computer that works, however, this didn't work either after starting and
> stopping /init.d/network and even rebooting.
> /etc/resolv.conf file:
> domain home.here
> nameserver 66.56.65.7
> nameserver 66.56.65.8
> search home.here
> 
> RE: [ale] Installfest Success / Internet Connection
> From: "Adrin" <haswes at mindspring.com>
> To: <x3 at changinglinks.com>
> Date: Tue, 12 Mar 2002 08:13:45 -0500
> 
> I am an amateur, but I think you last 2 ipchain rules are
> stopping the Internet surfing.    I think you can do a
> ipchains -F  and clear those rules.  Which is almost as good
> as it being removed.   Personally I have been using
> Iptables.
> 
> Adrin
> 
> RE: [ale] Installfest Success / Internet Connection
> From: "Adrin" <haswes at mindspring.com>
> To: <x3 at changinglinks.com>
> Date: Tue, 12 Mar 2002 08:15:51 -0500
> 
> Opps forgot something
> 
> Before you say that your internet connection doesn't work.
> Try pinging a known address.   Also try nslookup or dig.
> 
> If you do    and ip route show you can see
> your default gateway.
> 
> Adrin
> 
> Re: [ale] Installfest Success / Internet Connection
> From: Mike Still <StillWaxin at Yahoo.com>
>  To: x3 at ChangingLINKS.com
>  Date: 12 Mar 2002 08:15:19 -0500
> 
> You sure this isn't a name service problem?  Can you ping an IP address
> out on the internet?  Check and see what your /etc/resolv.conf looks
> like to make sure it isn't looking for a nameserver that isn't there.
> 
> An IP address to try and ping would be www.google.com (216.239.51.101).
> 
> RE: [ale] Installfest Success / Internet Connection
> From: "Chris Farris" <chrisf at primeharbor.com>
>  To: <x3 at ChangingLINKS.com>
>  Date: Tue, 12 Mar 2002 08:15:03 -0500
> 
> Each one of those lines that begins w/ ACCEPT or REJECT is a firewall
> rule.
> 
> Dump them with "ipchains -F" and see if your network works.....
> 
> Then go out and get a book on firewalls and reimplement it correctly, or
> do without a firewall, but I don't recommend that.
> 
> Chris
> 
> --
> Chris Farris
> Sr. Consultant
> PrimeHarbor Technologies
> http://www.primeharbor.com
> chrisf at primeharbor.com
> 
> Re: [ale] Installfest Success / Internet Connection
> From: Keith Hopkins <hne at hopnet.net>
> To: x3 at changinglinks.com
> Cc: ale at ale.org
> Date: Tue, 12 Mar 2002 18:45:59 +0900
> 
> I think you'll have to actually reboot (gasp!) to make the kernel quit using
> ipchains.  make sure your startup scripts don't try to initialize ipchains
> again on boot.
> 
> does the rpm -e actually remove anything?
> 
> shm is a shared memory device
> proc is ... proc ... reports live info from the kernel about different parts
> of your computer
> pts is for ttys
> 
> huh? What does DVD have to do with MIDI?
> proc probably gets involved in both.  shm might get involved in DVD.  I don't
> think pts would involve either.
> --
> Lost in Tokyo,
>    Keith
>      Jack of All Trades, Anarchist
> 
> [ale] Installfest Success / Internet Connection
> From: "ChangingLINKS.com" <ChangingLINKS.com at bigfoot.com>
> To: ale at ale.org
> Date: Fri, 12 Mar 2010 03:33:13 -0500
> 
> I ran this:
> /etc/rc.d/init.d/network stop && /etc/rc.d/init.d/ipchains stop \
> && modprobe -r ipchains && /etc/rc.d/init.d/iptables start && iptables -L -n
> 
> rpm -e ipchains
> 
> and now I get this:
> 
> [root at tb1200 root]# ipchains -L -n
> Chain input (policy ACCEPT):
> target     prot opt     source                destination           ports
> ACCEPT     tcp  -y----  0.0.0.0/0            0.0.0.0/0             * ->   22
> ACCEPT     udp  ------  0.0.0.0/0            0.0.0.0/0             67:68 ->
> 67
> :68
> ACCEPT     udp  ------  0.0.0.0/0            0.0.0.0/0             67:68 ->
> 67
> :68
> ACCEPT     all  ------  0.0.0.0/0            0.0.0.0/0             n/a
> REJECT     tcp  -y----  0.0.0.0/0            0.0.0.0/0             * ->   *
> REJECT     udp  ------  0.0.0.0/0            0.0.0.0/0             * ->   *
> Chain forward (policy ACCEPT):
> Chain output (policy ACCEPT):
> 
> but my Internet connection still doesn't work. Lan card still pings itself
> okay, and the router but not anything else. Please help. Thanks in advance.
> By the way, I also noticed that I have three new directories mounted under
> disk managment.
> 
> /dev/shm        /proc   /dev/pts
> 
> /proc would not "unmount" either. Does anyone have a clue as to why there are
> new folders and such? Do these have to do with DVD playing of midi sequencers?
> --
> 
> Re: [ale] Installfest Success / Internet Connection
> From: "Jerry Z. Yu" <z.yu at ptek.com>
>  To: <x3 at changinglinks.com>
>  Cc: "'Atlanta Linux User Group (E-mail)'" <ale at ale.org>
>  Date: Mon, 11 Mar 2002 16:46:16 -0500 (EST)
> 
>         conflicts with ipchains which is active by default?
>         "ipchains -L -n"
>         /etc/rc.d/init.d/network stop && /etc/rc.d/init.d/ipchains stop \
> && modprobe -r ipchains && /etc/rc.d/init.d/iptables start && iptables -L
> -n
>         if it works now, `rpm -e ipchains`
> 
> On Thu, 11 Mar 2010, ChangingLINKS.com wrote:
> 
> #I ran iptables -L -n as root on my daily use machine (that works) and my test
> #drive, and got the exact same error message. I usually select "high" as the
> #firewall setting during install because I found that if I don't my networked
> #games (D3 UT) will not work right. (Thanx for your help the other day Chris,
> #and your help now.)
> --
> Wishing you Happiness, Joy and Laughter,
> Drew
> http://www.ChangingLINKS.com
> 
> ---
> This message has been sent through the ALE general discussion list.
> See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
> sent to listmaster at ale dot org.

-- 
__________________________________________________________
Dow Hurst                   Office: 770-499-3428
Systems Support Specialist  Fax:    770-423-6744
1000 Chastain Rd.
Chemistry Department SC428  Email:dhurst at kennesaw.edu
Kennesaw State University         Dow.Hurst at mindspring.com
Kennesaw, GA 30144
*********************************
*Computational Chemistry is fun!*
*********************************

---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.

More information about the Ale mailing list