 From:  "Jared Patterson (DSL AK)" <JaredP at datacom dot co dot nz>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Using m0n0 with an external dsl router
 Date:  Wed, 22 Jun 2005 21:13:46 +1200
Hi All,
 
I have set up another little LAN trying to get m0n0 to work in my current setup. All hardware in this
setup is relatively the same, other than that the DSL router is the model below, Dynalink RTA 220. Here's
the current setup:
 
Internal Lan - 10.1.1.0/8
 
M0n0 Lan - 10.1.1.201
 
M0n0 Wan - 10.1.20.1
 
DSL Router - 10.1.20.200
 
DSL Router currently running DHCP which assigned 10.1.20.1 to Wan.
 
PC in Internal Lan is currently on a static setup with 10.1.1.201 set as the gateway. Don't know what
is going wrong, as just before this setup I installed Smoothwall, which was set up exactly the same
and ran with no errors. Although Smoothwall kinda sucks, would be wicked to get m0n0 running.

Attached is the status.php as I'm out of ideas. Any help would be greatly appreciated.
 
Cheers
 
Jared
m0n0wall: status
Wed Jun 22 21:23:53 UTC 2005 

Note: make sure to remove any sensitive information (passwords, maybe also IP addresses) before
posting information from this page in public places (like mailing lists)!
Passwords in config.xml have been automatically removed. 

This status page includes the following information: 

System uptime 
Interfaces 
Routing tables 
ipfw show 
ipnat -lv 
ipfstat -v 
ipfstat -nio 
resolv.conf 
Processes 
dhcpd.conf 
ez-ipupdate.cache 
df 
racoon.conf 
SPD 
SAD 
last 200 system log entries 
last 50 filter log entries 
ls /conf 
ls /var/run 
config.xml 
System uptime 
 9:23PM  up 13 mins, 0 users, load averages: 0.13, 0.08, 0.04
 


Interfaces 
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	inet 10.1.1.201 netmask 0xff000000 broadcast 10.255.255.255
	ether 00:50:fc:90:43:93
	media: Ethernet autoselect (100baseTX <full-duplex>)
	status: active
rl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
	ether 00:50:fc:90:42:e2
	media: Ethernet autoselect (100baseTX <full-duplex>)
	status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
	inet 127.0.0.1 netmask 0xff000000
ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552
faith0: flags=8002<BROADCAST,MULTICAST> mtu 1500
 


Routing tables 
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            10.1.20.200        UGSc        0       21    rl0
10                 link#1             UC          3        0    rl0
10.1.1.20          00:09:1d:00:e9:35  UHLW        9     1423    rl0    936
10.1.1.201         00:50:fc:90:43:93  UHLW        0       12    lo0
10.1.20.1          127.0.0.1          UGHS        1      192    lo0
10.1.20.200        link#1             UHLW        3      321    rl0
127.0.0.1          127.0.0.1          UH          2      220    lo0
 


ipfw show 
ipfw: getsockopt(IP_FW_GET): Protocol not available
 


ipnat -lv 
List of active MAP/Redirect filters:
map rl1 10.0.0.0/8 -> 0.0.0.0/32 proxy port ftp ftp/tcp
map rl1 10.0.0.0/8 -> 0.0.0.0/32 portmap tcp/udp auto
map rl1 10.0.0.0/8 -> 0.0.0.0/32

List of active sessions:

List of active host mappings:
 


ipfstat -v 
opts 0x40 name /dev/ipl
 IPv6 packets:		in 0 out 0
 input packets:		blocked 9 passed 1570 nomatch 0 counted 0 short 0
output packets:		blocked 0 passed 2191 nomatch 0 counted 0 short 0
 input packets logged:	blocked 9 passed 0
output packets logged:	blocked 0 passed 0
 packets logged:	input 0 output 0
 log failures:		input 0 output 0
fragment state(in):	kept 0	lost 0
fragment state(out):	kept 0	lost 0
packet state(in):	kept 107	lost 0
packet state(out):	kept 180	lost 0
ICMP replies:	0	TCP RSTs sent:	0
Invalid source(in):	0
Result cache hits(in):	6	(out):	0
IN Pullups succeeded:	0	failed:	0
OUT Pullups succeeded:	0	failed:	0
Fastroute successes:	0	failures:	0
TCP cksum fails(in):	0	(out):	0
Packet log flags set: (0)
	none
 


ipfstat -nio 
@1 pass out quick on lo0 from any to any
@2 pass out quick on rl0 proto udp from 10.1.1.201/32 port = 67 to any port = 68
@3 pass out quick on rl1 proto udp from any port = 68 to any port = 67
@4 pass out quick on rl0 from any to any keep state
@5 pass out quick on rl1 from any to any keep state
@6 block out log quick from any to any
@1 pass in quick on lo0 from any to any
@2 block in log quick from any to any with short
@3 block in log quick from any to any with ipopt
@4 pass in quick on rl0 proto udp from any port = 68 to 255.255.255.255/32 port = 67
@5 pass in quick on rl0 proto udp from any port = 68 to 10.1.1.201/32 port = 67
@6 block in log quick on rl1 from 10.0.0.0/8 to any
@7 block in log quick on rl1 proto udp from any port = 67 to 10.0.0.0/8 port = 68
@8 pass in quick on rl1 proto udp from any port = 67 to any port = 68
@9 block in log quick on rl0 from !10.0.0.0/8 to any
@10 skip 1 in proto tcp from any to any flags S/FSRA
@11 block in log quick proto tcp from any to any
@12 block in log quick on rl0 from any to any head 100
@1 pass in quick from 10.0.0.0/8 to 10.1.1.201/32 keep state group 100
@2 pass in quick from 10.0.0.0/8 to any keep state group 100
@3 pass in quick proto tcp/udp from any to any keep state group 100
@4 pass in quick proto icmp from any to any keep state group 100
@13 block in log quick on rl1 from any to any head 200
@1 pass in quick proto icmp from any to any keep state group 200
@2 pass in quick proto tcp/udp from any to any keep state group 200
@14 block in log quick from any to any
 


resolv.conf 
domain dataworx.co.nz
nameserver 10.1.20.200
 


Processes 
USER     PID %CPU %MEM   VSZ  RSS  TT  STAT STARTED      TIME COMMAND
root     578  7.0  1.9  2452 2136  ??  SN    9:23PM   0:00.11 /usr/local/bin/php status.php
root     599  0.0  0.7  1328  820  ??  SN    9:23PM   0:00.01 sh -c ps xauww 2>&1
root     580  0.0  1.6  2372 1788  ??  S     9:23PM   0:00.02 /usr/local/sbin/mini_httpd -S -E
/var/etc/cert.pem -c **.php|**.cgi -u root -maxproc 16 -i /var/run/mini_httpd.pid
root     579  0.0  1.6  2372 1788  ??  S     9:23PM   0:00.00 /usr/local/sbin/mini_httpd -S -E
/var/etc/cert.pem -c **.php|**.cgi -u root -maxproc 16 -i /var/run/mini_httpd.pid
root     480  0.0  0.7  1112  784  ??  S     9:22PM   0:00.01 /usr/local/bin/msntp -r -P no -l
/var/run/msntp.pid -x 300 pool.ntp.org
root     104  0.0  0.7  1332  840  ??  I     9:11PM   0:00.01 /bin/sh /etc/rc.initial console
root      88  0.0  0.7  1328  792 con- I     9:11PM   0:00.11 /bin/sh /usr/local/bin/runmsntp.sh
/var/run/runmsntp.pid /var/run/msntp.pid 300  pool.ntp.org
nobody    85  0.0  0.6   952  700  ??  I     9:11PM   0:00.03 /usr/local/sbin/dnsmasq
root      80  0.0  1.4  2288 1616  ??  Ss    9:11PM   0:00.07 /usr/local/sbin/mini_httpd -S -E
/var/etc/cert.pem -c **.php|**.cgi -u root -maxproc 16 -i /var/run/mini_httpd.pid
root      77  0.0  0.6   988  664  ??  Ss    9:11PM   0:00.02 /usr/sbin/syslogd -ss
root      72  0.0  1.1  1452 1204  ??  Ss    9:11PM   0:00.03 /sbin/ipmon -sD
root      63  0.0  0.9  1432 1076  ??  Is    9:11PM   0:00.01 /sbin/dhclient -nw -cf
/var/etc/dhclient.conf rl1
root       9  0.0  0.0     0    0  ??  DL    9:11PM   0:00.02  (syncer)
root       8  0.0  0.0     0    0  ??  DL    9:11PM   0:00.00  (vnlru)
root       7  0.0  0.0     0    0  ??  DL    9:11PM   0:00.00  (bufdaemon)
root       6  0.0  0.0     0    0  ??  DL    9:11PM   0:00.00  (pagedaemon)
root       5  0.0  0.0     0    0  ??  DL    9:11PM   0:00.00  (usbtask)
root       4  0.0  0.0     0    0  ??  DL    9:11PM   0:00.00  (usb0)
root       3  0.0  0.0     0    0  ??  DL    9:11PM   0:00.00  (taskqueue)
root       2  0.0  0.0     0    0  ??  DL    9:11PM   0:00.00  (cryptoret)
root       1  0.0  0.6  1056  660  ??  SLs   9:11PM   0:00.02 /sbin/init --
root     600  0.0  0.6  1076  628  ??  RN    9:23PM   0:00.00 ps xauww
root       0  0.0  0.0     0    0  ??  DLs   9:11PM   0:00.00  (swapper)
 


dhcpd.conf 
cat: /var/etc/dhcpd.conf: No such file or directory
 


ez-ipupdate.cache 
cat: /conf/ez-ipupdate.cache: No such file or directory
 


df 
Filesystem 512-blocks  Used Avail Capacity  Mounted on
/dev/md0c       19774 17592  2182    89%    /
/dev/ad0a       11838 10282  1556    87%    /cf
procfs              8     8     0   100%    /proc
 


racoon.conf 
cat: /var/etc/racoon.conf: No such file or directory
 


SPD 
No SPD entries.
 


SAD 
No SAD entries.
 


last 200 system log entries 

 


last 50 filter log entries 
Jun 22 21:11:23 aklpx01 ipmon[72]: 21:11:23.020845 2x rl1 @0:6 b 10.1.20.200,67 ->
255.255.255.255,68 PR udp len 20 328 IN
Jun 22 21:14:36 aklpx01 ipmon[72]: 21:14:36.189950 rl0 @0:11 b 10.1.1.20,2519 -> 207.68.178.16,80 PR
tcp len 20 40 -AR IN
Jun 22 21:15:51 aklpx01 ipmon[72]: 21:15:51.534036 rl0 @0:11 b 10.1.1.20,2440 -> 203.167.250.125,80
PR tcp len 20 40 -AF IN
Jun 22 21:15:53 aklpx01 ipmon[72]: 21:15:53.282636 rl0 @0:11 b 10.1.1.20,2440 -> 203.167.250.125,80
PR tcp len 20 40 -AF IN
Jun 22 21:15:57 aklpx01 ipmon[72]: 21:15:56.783079 rl0 @0:11 b 10.1.1.20,2440 -> 203.167.250.125,80
PR tcp len 20 40 -AF IN
Jun 22 21:16:04 aklpx01 ipmon[72]: 21:16:03.674620 rl0 @0:11 b 10.1.1.20,2440 -> 203.167.250.125,80
PR tcp len 20 40 -AF IN
Jun 22 21:16:17 aklpx01 ipmon[72]: 21:16:17.348311 rl0 @0:11 b 10.1.1.20,2440 -> 203.167.250.125,80
PR tcp len 20 40 -AF IN
Jun 22 21:16:45 aklpx01 ipmon[72]: 21:16:44.586292 rl0 @0:11 b 10.1.1.20,2440 -> 203.167.250.125,80
PR tcp len 20 40 -AF IN
 


ls /conf 
config.xml
 


ls /var/run 
dev.db
dhclient.pid
dnsmasq.pid
htpasswd
ipmon.pid
ld-elf.so.hints
log
mini_httpd.pid
runmsntp.pid
syslog.pid
utmp
 


config.xml 
<?xml version="1.0"?>
<m0n0wall>
    <version>1.4</version>
    <system>
        <hostname>aklpx01</hostname>
        <domain>dataworx.co.nz</domain>
        <dnsallowoverride/>
        <username>admin</username>
        <password>xxxxx</password>
        <timezone>Etc/UTC</timezone>
        <time-update-interval>300</time-update-interval>
        <timeservers>pool.ntp.org</timeservers>
        <webgui>
            <protocol>https</protocol>
            <port/>
        </webgui>
    </system>
    <interfaces>
        <lan>
            <if>rl0</if>
            <ipaddr>10.1.1.201</ipaddr>
            <subnet>8</subnet>
        </lan>
        <wan>
            <if>rl1</if>
            <mtu/>
            <spoofmac/>
            <ipaddr>dhcp</ipaddr>
            <dhcphostname/>
        </wan>
    </interfaces>
    <staticroutes>
    </staticroutes>
    <pppoe/>
    <pptp/>
    <bigpond/>
    <dyndns>
        <type>dyndns</type>
        <username/>
        <password/>
        <host/>
        <mx/>
    </dyndns>
    <dhcpd>
        <lan>
            <range>
                <from>192.168.1.100</from>
                <to>192.168.1.199</to>
            </range>
        </lan>
    </dhcpd>
    <pptpd>
        <mode/>
        <redir/>
        <localip/>
        <remoteip/>
    </pptpd>
    <dnsmasq>
        <enable/>
    </dnsmasq>
    <snmpd>
        <syslocation/>
        <syscontact/>
        <rocommunity>public</rocommunity>
    </snmpd>
    <diag>
        <ipv6nat>
            <ipaddr/>
        </ipv6nat>
    </diag>
    <bridge/>
    <syslog>
        <reverse/>
        <nentries>50</nentries>
        <remoteserver/>
    </syslog>
    <nat/>
    <filter>
        <rule>
            <type>pass</type>
            <interface>wan</interface>
            <protocol>icmp</protocol>
            <source>
                <any/>
            </source>
            <destination>
                <any/>
            </destination>
            <descr/>
        </rule>
        <rule>
            <type>pass</type>
            <interface>wan</interface>
            <protocol>tcp/udp</protocol>
            <source>
                <any/>
            </source>
            <destination>
                <any/>
            </destination>
            <descr/>
        </rule>
        <rule>
            <type>pass</type>
            <descr>Default LAN -&gt; any</descr>
            <interface>lan</interface>
            <source>
                <network>lan</network>
            </source>
            <destination>
                <any/>
            </destination>
        </rule>
        <rule>
            <type>pass</type>
            <interface>lan</interface>
            <protocol>tcp/udp</protocol>
            <source>
                <any/>
            </source>
            <destination>
                <any/>
            </destination>
            <descr/>
        </rule>
        <rule>
            <type>pass</type>
            <interface>lan</interface>
            <protocol>icmp</protocol>
            <source>
                <any/>
            </source>
            <destination>
                <any/>
            </destination>
            <descr/>
        </rule>
    </filter>
    <shaper/>
    <ipsec/>
    <aliases/>
    <proxyarp/>
    <wol/>
</m0n0wall>