Craig White wrote: >On Thu, 2005-02-03 at 21:09 -0700, Lee Einer wrote: > > >>Craig White wrote: >> >> >> >>>On Thu, 2005-02-03 at 20:16 -0700, Lee Einer wrote: >>> >>> >>> >>> >>>>Done. Pinged Mepisbox. No packets returned. Mepisbox pings Mandrakebox >>>>just fine. Stopping iptables at mepisbox returns message >>>> >>>> Aborting iptables load: unknown ruleset, "inactive." >>>> >>>>I don't know if that is a good thing or a bad thing. It does not get the >>>>ping going, though. >>>> >>>>I have connectivity through both computers to the router, and through >>>>the router to the internet. The connection for the Mepis laptop is >>>>wireless- is this at the root of the issue? >>>> >>>> >>>> >>>> >>>---- >>>it might very well be... >>> >>>The wireless access point - does it have some security setting on it to >>>prevent wireless users from accessing other parts of the LAN? - does it >>>put wireless users in a DMZ ? >>> >>>Question if you do (on both machines): >>>#route -n >>>Kernel IP routing table >>>Destination Gateway Genmask Flags Metric Ref Use >>>Iface >>>192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 >>>169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 >>>0.0.0.0 192.168.0.254 0.0.0.0 UG 0 0 0 eth0 >>> >>>does they look like above? >>> >>> >>> >>close. They both have the same gateway address, and both can ping it. >>Line 2 on Mandrake box has different Iface and Genmask -127.0.0.0 and >>255.0.0.0 respectively. Mepis box has two lines >> >>Destination Gateway Genmask >>192.168.0.0 0.0.0.0 255.255.255.0 ath0 >>0.0.0.0 192.168.0.1 0.0.0.0 ath0 >> >> >> >----- >OK - well let's evaluate my assumptions then... > >You have something like a Netgear Wireless Router (I think they use the >192.168.0.0 network) or perhaps one of the newer Qwest supplied >Actiontec dsl modem/routers with wireless and your Mandrake box connects >with a cable to one of the LAN ports and the Mepisbox (your laptop) >connects to this same router via wireless. > >With this assumption (brand accuracy not important), then they are both >'pinging' the same gateway - 192.168.0.1 > >With this assumption, from the Mepisbox, you should be able to ping >192.168.0.100 as well as 192.168.0.1 unless there is a firewall on the >Mandrakebox. If not, then on the Mandrakebox, type 'iptables -L' and >post the results > >With this assumption, from the Mandrakebox, you should be able to ping >192.168.0.101 as well as 192.168.0.1 unless there is a firewall on the >Mepisbox. If not, then on the Mepisbox, type 'iptables -L' and post the >results > This is the case. Here is the output of iptables -L from the Mepisbox- Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT all -- mepisbox 192.168.0.255 logaborted tcp -- anywhere anywhere state RELATED,ESTABLISHED tcp flags:RST/RST ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT icmp -- anywhere anywhere icmp destination-unreachable ACCEPT icmp -- anywhere anywhere icmp time-exceeded ACCEPT icmp -- anywhere anywhere icmp parameter-problem nicfilt all -- anywhere anywhere srcfilt all -- anywhere anywhere Chain FORWARD (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT icmp -- anywhere anywhere icmp destination-unreachable ACCEPT icmp -- anywhere anywhere icmp time-exceeded ACCEPT icmp -- anywhere anywhere icmp parameter-problem srcfilt all -- anywhere anywhere Chain OUTPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT icmp -- anywhere anywhere icmp destination-unreachable ACCEPT icmp -- anywhere anywhere icmp time-exceeded ACCEPT icmp -- anywhere anywhere icmp parameter-problem s1 all -- anywhere anywhere Chain f0to1 (3 references) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpts:6881:6889 state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpt:ipp state NEW ACCEPT udp -- anywhere anywhere udp dpt:ipp ACCEPT tcp -- anywhere anywhere tcp dpt:microsoft-ds state NEW ACCEPT tcp -- anywhere anywhere tcp dpt:netbios-ns state NEW ACCEPT udp -- anywhere anywhere udp spts:1024:65535 dpt:netbios-ns ACCEPT udp -- anywhere anywhere udp spt:netbios-ns dpt:netbios-ns ACCEPT udp -- anywhere anywhere udp spts:1024:65535 dpt:netbios-dgm ACCEPT udp -- anywhere anywhere udp spt:netbios-dgm dpt:netbios-dgm ACCEPT tcp -- anywhere anywhere tcp dpt:netbios-ssn state NEW ACCEPT udp -- anywhere anywhere udp spts:1024:65535 dpt:netbios-ssn ACCEPT icmp -- anywhere anywhere icmp source-quench ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpt:www state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpt:webcache state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpt:8008 state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpt:8000 state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpt:8888 state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpt:6969 state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpts:6881:6889 state NEW ACCEPT udp -- anywhere anywhere udp dpts:6970:7170 ACCEPT udp -- anywhere anywhere udp spt:netbios-ns dpts:1024:5999 ACCEPT udp -- anywhere anywhere udp spt:netbios-ns dpt:netbios-ns ACCEPT udp -- anywhere anywhere udp spt:netbios-dgm dpt:netbios-dgm ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpts:1024:65535 state NEW ACCEPT icmp -- anywhere anywhere icmp echo-reply logdrop all -- anywhere anywhere Chain f0to2 (1 references) target prot opt source destination logdrop all -- anywhere anywhere Chain f1to0 (1 references) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpts:6881:6889 state NEW ACCEPT udp -- anywhere anywhere udp spt:netbios-ns dpts:1024:65535 ACCEPT udp -- anywhere anywhere udp spt:netbios-ns dpt:netbios-ns ACCEPT udp -- anywhere anywhere udp spt:netbios-dgm dpt:netbios-dgm ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:ftp state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:xmpp-client state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpts:6881:6889 state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:1863 state NEW ACCEPT tcp -- anywhere anywhere tcp dpt:554 state NEW ACCEPT tcp -- anywhere anywhere tcp dpt:7070 state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:ipp state NEW ACCEPT udp -- anywhere anywhere udp dpt:ipp ACCEPT udp -- anywhere anywhere udp dpt:3478 ACCEPT tcp -- anywhere anywhere tcp dpt:kerberos state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:https state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:imaps state NEW ACCEPT tcp -- anywhere anywhere tcp dpt:3030 state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:rsync state NEW ACCEPT tcp -- anywhere anywhere tcp dpt:microsoft-ds state NEW ACCEPT tcp -- anywhere anywhere tcp dpt:gnutella-svc state NEW ACCEPT tcp -- anywhere anywhere tcp dpt:8765 state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:8880 state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:ssh state NEW ACCEPT tcp -- anywhere anywhere tcp spts:0:1023 dpt:ssh state NEW ACCEPT tcp -- anywhere anywhere tcp dpt:netbios-ns state NEW ACCEPT udp -- anywhere anywhere udp spts:1024:5999 dpt:netbios-ns ACCEPT udp -- anywhere anywhere udp spt:netbios-ns dpt:netbios-ns ACCEPT udp -- anywhere anywhere udp spts:1024:5999 dpt:netbios-dgm ACCEPT udp -- anywhere anywhere udp spt:netbios-dgm dpt:netbios-dgm ACCEPT tcp -- anywhere anywhere tcp dpt:netbios-ssn state NEW ACCEPT udp -- anywhere anywhere udp spts:1024:5999 dpt:netbios-ssn ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpts:5190:5193 state NEW ACCEPT udp -- anywhere anywhere udp spts:1024:5999 dpts:5190:5193 ACCEPT udp -- anywhere anywhere udp dpts:33434:33600 ACCEPT udp -- anywhere anywhere udp dpt:ntp ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:pop3s state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:5050 state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:telnet state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpts:5000:5001 state NEW ACCEPT udp -- anywhere anywhere udp spts:1024:5999 dpt:5000 ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:dict state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:1723 state NEW ACCEPT gre -- anywhere anywhere ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:whois state NEW ACCEPT udp -- anywhere anywhere udp dpt:43 ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:nntp state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:imap2 state NEW ACCEPT udp -- anywhere anywhere udp dpt:imap2 ACCEPT udp -- anywhere anywhere udp dpt:4000 ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpts:1024:65535 state NEW ACCEPT tcp -- anywhere anywhere tcp dpt:ldap state NEW ACCEPT tcp -- anywhere anywhere tcp dpt:522 state NEW ACCEPT tcp -- anywhere anywhere tcp dpt:1503 state NEW ACCEPT tcp -- anywhere anywhere tcp dpt:1720 state NEW ACCEPT tcp -- anywhere anywhere tcp dpt:1731 state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpts:1024:65535 state NEW ACCEPT udp -- anywhere anywhere udp spts:1024:5999 dpts:1024:65535 ACCEPT icmp -- anywhere anywhere icmp echo-request ACCEPT icmp -- anywhere anywhere icmp source-quench ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:smtp state NEW ACCEPT tcp -- anywhere anywhere tcp dpt:domain state NEW ACCEPT udp -- anywhere anywhere udp dpt:domain ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:www state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:webcache state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:8008 state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:8000 state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:8888 state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpts:6660:6669 state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:6969 state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:pop3 state NEW logdrop all -- anywhere anywhere Chain f1to2 (1 references) target prot opt source destination logdrop all -- anywhere anywhere Chain f2to0 (1 references) target prot opt source destination logdrop all -- anywhere anywhere Chain f2to1 (3 references) target prot opt source destination logdrop all -- anywhere anywhere Chain logaborted (1 references) target prot opt source destination logaborted2 all -- anywhere anywhere limit: avg 1/sec burst 10 LOG all -- anywhere anywhere limit: avg 2/min burst 1 LOG level warning prefix `LIMITED ' Chain logaborted2 (1 references) target prot opt source destination LOG all -- anywhere anywhere LOG level warning tcp-sequence tcp-options ip-options prefix `ABORTED ' ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED Chain logdrop (8 references) target prot opt source destination logdrop2 all -- anywhere anywhere Chain logdrop2 (1 references) target prot opt source destination DROP all -- anywhere anywhere Chain logreject (0 references) target prot opt source destination logreject2 all -- anywhere anywhere Chain logreject2 (1 references) target prot opt source destination REJECT tcp -- anywhere anywhere reject-with tcp-reset REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable DROP all -- anywhere anywhere Chain nicfilt (1 references) target prot opt source destination RETURN all -- anywhere anywhere RETURN all -- anywhere anywhere RETURN all -- anywhere anywhere logdrop all -- anywhere anywhere Chain s0 (1 references) target prot opt source destination f0to1 all -- anywhere mepisbox f0to1 all -- anywhere 192.168.0.255 f0to1 all -- anywhere mepisbox f0to2 all -- anywhere 12.168.0.100 logdrop all -- anywhere anywhere Chain s1 (1 references) target prot opt source destination f1to2 all -- anywhere 12.168.0.100 f1to0 all -- anywhere anywhere Chain s2 (1 references) target prot opt source destination f2to1 all -- anywhere mepisbox f2to1 all -- anywhere 192.168.0.255 f2to1 all -- anywhere mepisbox f2to0 all -- anywhere anywhere Chain srcfilt (2 references) target prot opt source destination s2 all -- 12.168.0.100 anywhere s0 all -- anywhere anywhere The router is a D-Link DI 624. I will be reviewing the manual later in the morning also. Hope this isn't one of those cases where RTFM would have been the correct response. > >If I am to look at the manual for your specific wireless AP - (to see if >there is some setting that might prevent wireless from accessing LAN), >you should let me know the make & model of your wireless AP so I can >download the manual from the internet > >Craig > >--------------------------------------------------- >PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >To subscribe, unsubscribe, or to change you mail settings: >http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > > -- Lee Einer Dos Manos Jewelry http://www.dosmanosjewelry.com --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change you mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss