[ previous ] [ next ] [ threads ]
 
 From:  "Beau Woods" <info at mazatecsolutions dot com dot au>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  FW: [m0n0wall] Extending factory network
 Date:  Mon, 12 Feb 2007 10:04:04 +1100 
These are the packets that are getting blocked all of the time.

Source: 192.168.2.199  Destination: 192.168.1.2,type echo/0  Protocol: ICMP

It is only these same packets.
Thanks for all the help you all are giving me.

Beau

-----Original Message-----
From: Lonnie Abelbeck [mailto:lists at lonnie dot abelbeck dot com] 
Sent: Monday, 12 February 2007 9:53 AM
To: Beau Woods
Subject: Re: [m0n0wall] Extending factory network

Beau,

Posting an example of the blocked packet your Firewall logs show  
might help.

You might also try a 'telnet' (even if rejected by destination) to  
test TCP and the problem is not 'ping' related.

Note any blocked packets in your logs.

Lonnie

On Feb 11, 2007, at 4:44 PM, Beau Woods wrote:

> Hi Lonnie,
> I just tried that and still no go.  This is really starting to bug  
> me and I
> need to try and have this set up today.
>
> Beau
>
> -----Original Message-----
> From: Lonnie Abelbeck [mailto:lists at lonnie dot abelbeck dot com]
> Sent: Monday, 12 February 2007 9:26 AM
> To: m0n0wall List
> Subject: Re: [m0n0wall] Extending factory network
>
> Beau,
>
> You might try checking (enabling) the option...
>
> System -> Advanced -> "Bypass firewall rules for traffic on the same
> interface"
>
> On the WRAP 1 side, where you are seeing dropped packets.
>
> Lonnie
>
> On Feb 11, 2007, at 4:17 PM, Beau Woods wrote:
>
>> Its odd because I can ping all of the interfaces on WRAP2 from the
>> computer
>> connected to it, it's just when I try to ping anything on the other
>> wrap
>> that it wont do.  I had a look in the logs on wrap1 and the IP
>> address is
>> coming up but with a cross next to it.  I think in may be getting
>> block??  I
>> thought that having ANY,ANY,ANY rules would let it all pass?
>>
>> Thanks
>> Beau
>>
>> -----Original Message-----
>> From: Beau Woods [mailto:info at mazatecsolutions dot com dot au]
>> Sent: Monday, 12 February 2007 9:09 AM
>> To: m0n0wall at lists dot m0n0 dot ch
>> Subject: RE: [m0n0wall] Extending factory network
>>
>> Computer 1 on WRAP1
>> ===================================================================== 
>> =
>> =====
>> Interface List
>> 0x1 ........................... MS TCP Loopback interface
>> 0x2 ...00 16 e6 5b db 70 ...... Realtek RTL8168/8111 PCI-E Gigabit
>> Ethernet
>> NIC
>> - Packet Scheduler Miniport
>> ===================================================================== 
>> =
>> =====
>> ===================================================================== 
>> =
>> =====
>> Active Routes:
>> Network Destination        Netmask          Gateway
>> Interface  Metric
>>           0.0.0.0          0.0.0.0      192.168.1.1
>> 192.168.1.60       30
>>         127.0.0.0        255.0.0.0        127.0.0.1
>> 127.0.0.1       1
>>       192.168.1.0    255.255.255.0     192.168.1.60
>> 192.168.1.60       30
>>      192.168.1.60  255.255.255.255        127.0.0.1
>> 127.0.0.1       30
>>     192.168.1.255  255.255.255.255     192.168.1.60
>> 192.168.1.60       30
>>         224.0.0.0        240.0.0.0     192.168.1.60
>> 192.168.1.60       30
>>   255.255.255.255  255.255.255.255     192.168.1.60
>> 192.168.1.60       1
>> Default Gateway:       192.168.1.1
>> ===================================================================== 
>> =
>> =====
>> Persistent Routes:
>>   None
>>
>> Computer 2 on WRAP2
>>
>> ===================================================================== 
>> =
>> =====
>> Interface List
>> 0x1 ........................... MS TCP Loopback interface
>> 0x2 ...00 16 e6 5b db 70 ...... Realtek RTL8168/8111 PCI-E Gigabit
>> Ethernet
>> NIC
>> - Packet Scheduler Miniport
>> ===================================================================== 
>> =
>> =====
>> ===================================================================== 
>> =
>> =====
>> Active Routes:
>> Network Destination        Netmask          Gateway
>> Interface  Metric
>>           0.0.0.0          0.0.0.0      192.168.2.1    192.168.2.199
>> 20
>>         127.0.0.0        255.0.0.0        127.0.0.1
>> 127.0.0.1       1
>>       192.168.2.0    255.255.255.0     192.168.2.199    192.168.2.199
>> 20
>>      192.168.2.199  255.255.255.255        127.0.0.1       127.0.0.1
>> 20
>>     192.168.2.255  255.255.255.255     192.168.2.199    192.168.2.199
>> 20
>>         224.0.0.0        240.0.0.0     192.168.2.199    192.168.2.199
>> 20
>>   255.255.255.255  255.255.255.255     192.168.2.199
>> 192.168.1.199      1
>> Default Gateway:       192.168.2.1
>> ===================================================================== 
>> =
>> =====
>> Persistent Routes:
>>   None
>>
>> Thanks,
>>
>> Beau
>>
>>
>> -----Original Message-----
>> From: Lee Sharp [mailto:leesharp at hal dash pc dot org]
>> Sent: Monday, 12 February 2007 8:44 AM
>> To: m0n0wall at lists dot m0n0 dot ch
>> Subject: Re: [m0n0wall] Extending factory network
>>
>> Beau Woods wrote:
>>> Hi all,
>>>
>>> I have managed to set this all up with one problem.  I have set
>>> <WRAP1 AP
>>> LAN 192.168.1.2   and Bridged OPT1 to LAN>  <WRAP2 BSS
>>> WAN(Wireless)192.168.1.251 LAN 192.168.2.1>.  I have enabled  
>>> Advanced
>>> outbound NAT and created ANY,ANY,ANY rules for all interfaces on  
>>> both
>> boxes.
>>> I made a static route on WRAP1 WAN to goto 192.168.2.0 gw
>>> 192.168.1.251.
>>> Now I can ping everything from WRAP1 including the computer on WRAP2
>> however
>>> I cannot ping WRAP1 from the computer on WRAP2 (I can ping WRAP1  
>>> from
>> WRAP2
>>> WAN interface but not the LAN interface).
>>
>> Do a "route print" from the command line of both computers.  I am
>> thinking it is a routing issue on a computer on WRAP2.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>
>>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>