[Firehol-support] Secondary internet link fails
Daniel L. Miller
dmiller at amfes.com
Mon Oct 31 18:09:31 GMT 2005
Costa Tsaousis wrote:
> Daniel L. Miller wrote:
>
>> Oct 28 10:25:31 foxy OUT-unknown: IN= OUT=eth2 MAC= SRC=66.199.29.170
>> DST=66.199.29.169 LEN=84 TOS=00 PREC=0x00 TTL=64 ID=41 DF PROTO=ICMP
>> TYPE=8 CODE=0 ID=9797 SEQ=42
>> Oct 28 10:25:32 foxy OUT-unknown: IN= OUT=eth2 MAC= SRC=66.199.29.170
>> DST=66.199.29.169 LEN=84 TOS=00 PREC=0x00 TTL=64 ID=42 DF PROTO=ICMP
>> TYPE=8 CODE=0 ID=9797 SEQ=43
>> Oct 28 10:25:33 foxy OUT-unknown: IN= OUT=eth2 MAC= SRC=66.199.29.170
>> DST=66.199.29.169 LEN=84 TOS=00 PREC=0x00 TTL=64 ID=43 DF PROTO=ICMP
>> TYPE=8 CODE=0 ID=9797 SEQ=44
>> Oct 28 11:08:07 foxy OUT-unknown: IN= OUT=eth2 MAC= SRC=192.168.0.1
>> DST=66.199.29.175 LEN=78 TOS=00 PREC=0x00 TTL=64 ID=8513 DF PROTO=UDP
>> SPT=137 DPT=137 LEN=58
>>
> OUT-unknown means "none of the defined interfaces matches this traffic".
> Also, this is traffic you are trying to send.
>
> To my understanding, if your config is like the one you sent, either:
>
> 1. You have a wrong UNROUTABLE_IPS variable, or
> 2. You have a broken BASH and firehol generates faulty rules.
>
> If you need help, please send me:
>
> a. Your exact config file
> b. the output of:
>
> firehol debug
>
> using the config you sent
>
> c.A few log lines, like above, but with the exact config you will send.
>
> Costa
OK - I think I'm getting closer.
On a hunch, I tried turning off my "eth1" - leaving eth0 and eth2.
It works perfect.
So - I believe I'm not facing a firehol problem (yeah!) - but a routing
problem. I guess there are some additional steps I need to take to set
up a router with two default interfaces.
So while it may be off-topic - can someone either advise me on this or
point me to a good reference?
--
Daniel
More information about the Firehol-support
mailing list