Hi there,

We have an ISP: email, web, ftp, dns and radius servers. I'm trying to replace an old firewall (2.0.x kernel) with a new one (2.4.18 kernel). I am using the 'mimic' strategy, that is to say, getting the same routing table, ... etc.
*The problem*: The current "new firewall" configuration cannot forward any package. Note that iptables is stopped and all policies (INPUT, OUTPUT & FORWARD) are set to ACCEPT. I think it is because of the routing table.

I have eth0 and eth1. With the below '/etc/network/interfaces' file I get two lines in the router table.

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref Use Iface
194.224.7.0     0.0.0.0         255.255.255.0   U     0      0   0   eth0
194.224.7.0     0.0.0.0         255.255.255.0   U     0      0   0   eth1

# /etc/network/interfaces -- configuration file for ifup(8), ifdown(8)

# The loopback interface
auto lo
iface lo inet loopback

# The first network card - this entry was created during the Debian installation
# (network, broadcast and gateway are optional)
auto eth0
iface eth0 inet static
        address 194.224.7.9
        netmask 255.255.255.0
        network 194.224.7.0
        broadcast 194.224.7.255
        gateway 194.224.7.1

auto eth1
iface eth1 inet static
        address 194.224.7.10
        netmask 255.255.255.0
        network 194.224.7.0
        broadcast 194.224.7.255

Adding some routing rules to the previous 'interfaces' file (see attached file), to mimic the old firewall routing table, I get the below:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref Use Iface
10.128.114.2    0.0.0.0         255.255.255.255 UH    0      0   0   eth1
194.224.7.1     0.0.0.0         255.255.255.255 UH    0      0   0   eth0
10.128.114.4    0.0.0.0         255.255.255.255 UH    0      0   0   eth1
194.224.7.9     0.0.0.0         255.255.255.255 UH    0      0   0   eth0
194.224.7.90    0.0.0.0         255.255.255.255 UH    0      0   0   eth0
127.0.0.1       0.0.0.0         255.255.255.255 UH    0      0   0   lo
194.224.7.0     0.0.0.0         255.255.255.128 U     0      0   0   eth1
194.224.7.0     0.0.0.0         255.255.255.0   U     0      0   0   eth0   <---
194.224.7.0     0.0.0.0         255.255.255.0   U     0      0   0   eth1   <---
0.0.0.0         194.224.7.1     0.0.0.0         UG    0      0   0   eth0

In the old system I have the same but without these two lines below. Is this the cause of the system not forwarding any package? How could I modify the 'interfaces' file to remove these two lines? See attached the '/etc/network/interfaces'.

194.224.7.0     0.0.0.0         255.255.255.0   U     0      0   0   eth0
194.224.7.0     0.0.0.0         255.255.255.0   U     0      0   0   eth1

Regards,
Davi Leal

--
# /etc/network/interfaces -- configuration file for ifup(8), ifdown(8)

# The loopback interface
auto lo
iface lo inet loopback
        up route add 127.0.0.1 dev lo

# The first network card - this entry was created during the Debian installation
# (network, broadcast and gateway are optional)

# eth0 goes to outside (Internet)
auto eth0
iface eth0 inet static
        address 194.224.7.9
        netmask 255.255.255.0
        network 194.224.7.0
        broadcast 194.224.7.255
        # Default route to Internet via eth0
        gateway 194.224.7.1
        # Route to go to the Cisco 194.224.7.1 via eth0
        up route add 194.224.7.1 dev eth0
        # Route to go to Tunnels Server 194.224.7.90 via eth0
        up route add 194.224.7.90 dev eth0
        # Route to go to internal firewall network card
        up route add 194.224.7.9 dev eth0

# eth1 goes to the internal network
auto eth1
iface eth1 inet static
        address 194.224.7.10
        netmask 255.255.255.0
        network 194.224.7.0
        broadcast 194.224.7.255
        # gateway 194.224.7.1
        # Route to 194.224.7.0/128 via eth1
        up route add -net 194.224.7.0 netmask 255.255.255.128 dev eth1
        # Route to Radius server via eth1
        up route add 10.128.114.2 dev eth1
        # Route to 'Telefonica Infovia' via eth1
        up route add 10.128.114.4 dev eth1
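
A way to check the second routing table from the message mechanically, as an added example that is not part of the original post: it lists prefixes bound to more than one interface and, for a destination, the interfaces tied at the longest matching prefix. The function names and the sample destinations are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict

# Second routing table from the post (`route -n` style), embedded inline so this runs offline.
ROUTE_TABLE = """\
Destination     Gateway         Genmask         Flags Metric Ref Use Iface
10.128.114.2    0.0.0.0         255.255.255.255 UH    0      0   0   eth1
194.224.7.1     0.0.0.0         255.255.255.255 UH    0      0   0   eth0
10.128.114.4    0.0.0.0         255.255.255.255 UH    0      0   0   eth1
194.224.7.9     0.0.0.0         255.255.255.255 UH    0      0   0   eth0
194.224.7.90    0.0.0.0         255.255.255.255 UH    0      0   0   eth0
127.0.0.1       0.0.0.0         255.255.255.255 UH    0      0   0   lo
194.224.7.0     0.0.0.0         255.255.255.128 U     0      0   0   eth1
194.224.7.0     0.0.0.0         255.255.255.0   U     0      0   0   eth0
194.224.7.0     0.0.0.0         255.255.255.0   U     0      0   0   eth1
0.0.0.0         194.224.7.1     0.0.0.0         UG    0      0   0   eth0
"""

def parse_routes(text):
    """Return (network, gateway, iface) tuples from `route -n` style output."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 8 or fields[0] == "Destination":
            continue  # skip the header and anything that is not a route row
        dest, gateway, genmask, iface = fields[0], fields[1], fields[2], fields[7]
        routes.append((ipaddress.ip_network(f"{dest}/{genmask}"), gateway, iface))
    return routes

def duplicate_prefixes(routes):
    """Map each prefix that appears on more than one interface to those interfaces."""
    by_net = defaultdict(set)
    for net, _gateway, iface in routes:
        by_net[net].add(iface)
    return {str(net): sorted(ifs) for net, ifs in by_net.items() if len(ifs) > 1}

def tied_interfaces(routes, addr):
    """Interfaces of all routes sharing the longest prefix that matches addr."""
    ip = ipaddress.ip_address(addr)
    matching = [r for r in routes if ip in r[0]]
    if not matching:
        return []
    best = max(r[0].prefixlen for r in matching)
    return sorted({r[2] for r in matching if r[0].prefixlen == best})

if __name__ == "__main__":
    routes = parse_routes(ROUTE_TABLE)
    print("prefixes on several interfaces:", duplicate_prefixes(routes))
    for dst in ("194.224.7.20", "194.224.7.200"):  # constructed sample destinations
        print(dst, "->", tied_interfaces(routes, dst))
```

More than one interface in the result for a destination means the table alone does not say which link that traffic leaves on.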