| |
| |
| |
|
Page: 1 2 3
Comments:
<0> I would start on /var/log/messages
<1> or do i have to add a seperate rule for the outgoing traffic for queuing.
<2> m_athias: i can't see anything wrong there either
<1> ..over
<2> the last line is "Jul 29 13:11:39 gateway savecore: no core dump"
<2> m_athias can you see if you can ping braxen.mine.nu
<0> timo: wait until you have problems again
<2> well
<2> i have problems now :)
<0> yes I can ping it
<0> 64 bytes from 80.216.86.224: icmp_seq=10 ttl=243 time=93.428 ms
<1> plug a laptop directly into the gateway. if its all fine, must be switch or something. otherwise, if preoblem persists, it must be hardware on the internal interface.. im guessing
<2> try you webbrowser http://braxen.mine.nu/
<0> refused
<1> same here
<2> switch is replaced
<2> i can without any problems communicate with the internal interface on my gateway to my clients
<1> can you replace the external interface?
<1> nic
<2> why? i can, from the gateway, successfully communicate from the external interface to the Internet
<1> oh i see
<1> just reading back
<1> still getting ssh timeouts after replacing the switch?
<2> i dom't know how i can solve this :/
<1> keep trying
<1> cant you test it?
<2> i don't know how
<1> whats not working?
<1> :D
<2> :(
<2> i dont know wjhere to begin with
<2> what
<1> what cant you do
<2> what can i do
<1> heh
<1> whats the problem?
<2> shoudl i ask the question again?
<1> sure
<2> i can ping my dns from my openbsd gatweay, but am unable to ping this dns from the clients inside the lan; it has worked fine until a couple of hours ago
<1> is pf enabled?
<1> just check it all
<2> the pf ruleset is exactly the same as it has ever been before it stopped working
<1> pfctl -sn shows the nat rule ?
<2> -bash-3.1# pfctl -sn shows the nat rule ?
<2> pfctl: unknown command line argument: shows ...
<1> erm
<1> does pfctl work ?
<2> yes
<1> odd
<1> what version of bsd
<2> ive successfully setup webservers inside the lan which was rdr:ed from the gateway to the specific servers
<2> 3.9
<2> stable
<1> root@lucas:~$ pfctl -sn
<1> nat-anchor "ftp-proxy/*" all
<1> nat on pppoe0 from ! (pppoe0) to any -> (pppoe0:0)
<1> weird
<2> hmmm
<2> next time i tried it showed up liek this:
<1> sus out your pflog maybe too
<2> -bash-3.1# pfctl -sn
<1> ok
<1> your rules arent laoded
<1> type
<1> pfctl -f /etc/pf.conf
<1> what happens
<3> hello
<2> as i said before; it has worked fine until a couple of hours ago, and it still doesnt work, i kan type pfctl -sn again if you want to
<1> do you use nat?
<2> nat on rl1 inet from (rl0)/24 to any -> (rl1) round-robin
<2> rdr on rl1 inet proto tcp from any to any port = 1424 -> 192.168.0.2 port 1424
<2> rdr on rl1 inet proto udp from any to any port = 1424 -> 192.168.0.2 port 1424
<2> rdr on rl1 inet proto tcp from any to any port = 18431 -> 192.168.0.2 port 18431
<2> rdr on rl1 inet proto udp from any to any port = 18431 -> 192.168.0.2 port 18431
<2> rdr on rl1 inet proto tcp from any to any port = www -> 192.168.0.4 port 80
<2> rdr on rl1 inet proto udp from any to any port = www -> 192.168.0.4 port 80
<1> ok
<2> rdr on rl1 inet proto tcp from any to any port = www -> 192.168.0.4 port 443
<2> rdr on rl1 inet proto udp from any to any port = www -> 192.168.0.4 port 443
<1> ok now they are loaded
<1> type pfctl -e .. just to be sure
<1> if it is enabled already it will say. pfctl: pf already enabled
<2> pf enabled
<1> right
<1> it wasnt enabled
<1> try from your clients now
<2> how come it wasnt enabled?
<2> it wokrs
<1> check /etc/rc.conf
<1> make sure PF=YES
<2> nano /etc/rc.conf
<2> oops
<2> :)
<1> lol
<1> shuzbut
<3> /etc/rc.conf.local should be used instead
<1> dun matter
<3> yes, it does
<1> helps with upgarading though
<1> :P
<1> woukld still work
<1> thats all im saying
<3> yeah, it will
<1> although if rc.conf.local did have PF=NO, it would overide it
<2> it was disabled, but it has never been that before, how come it all of a sudden was pf=no?
<1> have you patched your sendmail ?
<2> no
<1> miay have been hacked
<1> do you run sendmail ?
<2> default installation
<1> and have port 25 open
<3> has anyone a clue about only 3 patches published on the openbsd page but 4 inside the 3.9.tar.gz archive ?
<1> maybe it jsut came out?
<1> whats the date?
<2> date of what
<1> sorry timo was talking to mihaipbs
<3> July, 28
<3> almost
<1> yep new
<1> a present for syadmin day perhaps?
<1> hehe
<2> m_athias: this is my pf.conf: http://members.chello.se/tiol/pf.conf
<1> timo: is it working now?
<1> http://www.openbsd.org/errata.html
<1> patch your sendmail
<2> it IS working, but i don't think i've been hacked, do you
<1> i have no idea mate, sorry
<1> but what else could it be
<1> things dont just change
<1> maybe you were on drugs and did it
<1> heheeh
<1> j/k
<2> im on drugs 24/7
<1> lol
<2> what's so funny about that?
<2> ;)
<1> me too
<1> thats what
<1> :P
<2> gbl and benzos
<1> beep
<2> styelz: please try open your webbroser and surf to http://braxen.mine.nu/
<3> drugs are evil
<2> just to make sure
<1> no drugs are good, people are evil
<1> :)
<2> oooooops
<2> the servers is shutdown
<2> 5 secs
<1> doh
Return to
#openbsd
or
Go to some related
logs:
college dropouts earn more
#windowsxp
#stocks
#politics
#winxp
#linuxhelp
#politics undernet jews
#microsoft
#politics
#aix
|
|