Progress. Killing Guarddog does allow the ping. Executing the mount command manually (once I also start NFS manually on mandrakebox) does mount mandrakebox /home/lee to /mepisbox /home/mandrake. Need to find out how to permit NFS between these two with Guarddog running. When I open /home/mandrake on my mepis laptop, however, even with all of this done, the directory shows as empty. I should be seing my /home/lee directory there, shouldn't I? Craig White wrote: >On Fri, 2005-02-04 at 02:49 -0700, Lee Einer wrote: > > >>Craig White wrote: >> >> >> >>>On Thu, 2005-02-03 at 21:09 -0700, Lee Einer wrote: >>> >>> >>> >>> >>>>Craig White wrote: >>>> >>>> >>>> >>>> >>>> >>>>>On Thu, 2005-02-03 at 20:16 -0700, Lee Einer wrote: >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>>>Done. Pinged Mepisbox. No packets returned. Mepisbox pings Mandrakebox >>>>>>just fine. Stopping iptables at mepisbox returns message >>>>>> >>>>>> Aborting iptables load: unknown ruleset, "inactive." >>>>>> >>>>>>I don't know if that is a good thing or a bad thing. It does not get the >>>>>>ping going, though. >>>>>> >>>>>>I have connectivity through both computers to the router, and through >>>>>>the router to the internet. The connection for the Mepis laptop is >>>>>>wireless- is this at the root of the issue? >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>---- >>>>>it might very well be... >>>>> >>>>>The wireless access point - does it have some security setting on it to >>>>>prevent wireless users from accessing other parts of the LAN? - does it >>>>>put wireless users in a DMZ ? >>>>> >>>>>Question if you do (on both machines): >>>>>#route -n >>>>>Kernel IP routing table >>>>>Destination Gateway Genmask Flags Metric Ref Use >>>>>Iface >>>>>192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 >>>>>169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 >>>>>0.0.0.0 192.168.0.254 0.0.0.0 UG 0 0 0 eth0 >>>>> >>>>>does they look like above? >>>>> >>>>> >>>>> >>>>> >>>>> >>>>close. They both have the same gateway address, and both can ping it. >>>>Line 2 on Mandrake box has different Iface and Genmask -127.0.0.0 and >>>>255.0.0.0 respectively. Mepis box has two lines >>>> >>>>Destination Gateway Genmask >>>>192.168.0.0 0.0.0.0 255.255.255.0 ath0 >>>>0.0.0.0 192.168.0.1 0.0.0.0 ath0 >>>> >>>> >>>> >>>> >>>> >>>----- >>>OK - well let's evaluate my assumptions then... >>> >>>You have something like a Netgear Wireless Router (I think they use the >>>192.168.0.0 network) or perhaps one of the newer Qwest supplied >>>Actiontec dsl modem/routers with wireless and your Mandrake box connects >>>with a cable to one of the LAN ports and the Mepisbox (your laptop) >>>connects to this same router via wireless. >>> >>>With this assumption (brand accuracy not important), then they are both >>>'pinging' the same gateway - 192.168.0.1 >>> >>>With this assumption, from the Mepisbox, you should be able to ping >>>192.168.0.100 as well as 192.168.0.1 unless there is a firewall on the >>>Mandrakebox. If not, then on the Mandrakebox, type 'iptables -L' and >>>post the results >>> >>>With this assumption, from the Mandrakebox, you should be able to ping >>>192.168.0.101 as well as 192.168.0.1 unless there is a firewall on the >>>Mepisbox. If not, then on the Mepisbox, type 'iptables -L' and post the >>>results >>> >>> >>> >>This is the case. Here is the output of iptables -L from the Mepisbox- >> >>Chain INPUT (policy DROP) >>target prot opt source destination >>ACCEPT all -- anywhere anywhere >>ACCEPT all -- mepisbox 192.168.0.255 >>logaborted tcp -- anywhere anywhere state RELATED,ESTABLISHED tcp flags:RST/RST >>ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED >>ACCEPT icmp -- anywhere anywhere icmp destination-unreachable >>ACCEPT icmp -- anywhere anywhere icmp time-exceeded >>ACCEPT icmp -- anywhere anywhere icmp parameter-problem >>nicfilt all -- anywhere anywhere >>srcfilt all -- anywhere anywhere >> >>Chain FORWARD (policy DROP) >>target prot opt source destination >>ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED >>ACCEPT icmp -- anywhere anywhere icmp destination-unreachable >>ACCEPT icmp -- anywhere anywhere icmp time-exceeded >>ACCEPT icmp -- anywhere anywhere icmp parameter-problem >>srcfilt all -- anywhere anywhere >> >>Chain OUTPUT (policy DROP) >>target prot opt source destination >>ACCEPT all -- anywhere anywhere >>ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED >>ACCEPT icmp -- anywhere anywhere icmp destination-unreachable >>ACCEPT icmp -- anywhere anywhere icmp time-exceeded >>ACCEPT icmp -- anywhere anywhere icmp parameter-problem >>s1 all -- anywhere anywhere >> >>Chain f0to1 (3 references) >>target prot opt source destination >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpts:6881:6889 state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpt:ipp state NEW >>ACCEPT udp -- anywhere anywhere udp dpt:ipp >>ACCEPT tcp -- anywhere anywhere tcp dpt:microsoft-ds state NEW >>ACCEPT tcp -- anywhere anywhere tcp dpt:netbios-ns state NEW >>ACCEPT udp -- anywhere anywhere udp spts:1024:65535 dpt:netbios-ns >>ACCEPT udp -- anywhere anywhere udp spt:netbios-ns dpt:netbios-ns >>ACCEPT udp -- anywhere anywhere udp spts:1024:65535 dpt:netbios-dgm >>ACCEPT udp -- anywhere anywhere udp spt:netbios-dgm dpt:netbios-dgm >>ACCEPT tcp -- anywhere anywhere tcp dpt:netbios-ssn state NEW >>ACCEPT udp -- anywhere anywhere udp spts:1024:65535 dpt:netbios-ssn >>ACCEPT icmp -- anywhere anywhere icmp source-quench >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpt:www state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpt:webcache state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpt:8008 state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpt:8000 state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpt:8888 state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpt:6969 state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpts:6881:6889 state NEW >>ACCEPT udp -- anywhere anywhere udp dpts:6970:7170 >>ACCEPT udp -- anywhere anywhere udp spt:netbios-ns dpts:1024:5999 >>ACCEPT udp -- anywhere anywhere udp spt:netbios-ns dpt:netbios-ns >>ACCEPT udp -- anywhere anywhere udp spt:netbios-dgm dpt:netbios-dgm >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpts:1024:65535 state NEW >>ACCEPT icmp -- anywhere anywhere icmp echo-reply >>logdrop all -- anywhere anywhere >> >>Chain f0to2 (1 references) >>target prot opt source destination >>logdrop all -- anywhere anywhere >> >>Chain f1to0 (1 references) >>target prot opt source destination >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpts:6881:6889 state NEW >>ACCEPT udp -- anywhere anywhere udp spt:netbios-ns dpts:1024:65535 >>ACCEPT udp -- anywhere anywhere udp spt:netbios-ns dpt:netbios-ns >>ACCEPT udp -- anywhere anywhere udp spt:netbios-dgm dpt:netbios-dgm >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:ftp state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:xmpp-client state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpts:6881:6889 state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:1863 state NEW >>ACCEPT tcp -- anywhere anywhere tcp dpt:554 state NEW >>ACCEPT tcp -- anywhere anywhere tcp dpt:7070 state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:ipp state NEW >>ACCEPT udp -- anywhere anywhere udp dpt:ipp >>ACCEPT udp -- anywhere anywhere udp dpt:3478 >>ACCEPT tcp -- anywhere anywhere tcp dpt:kerberos state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:https state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:imaps state NEW >>ACCEPT tcp -- anywhere anywhere tcp dpt:3030 state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:rsync state NEW >>ACCEPT tcp -- anywhere anywhere tcp dpt:microsoft-ds state NEW >>ACCEPT tcp -- anywhere anywhere tcp dpt:gnutella-svc state NEW >>ACCEPT tcp -- anywhere anywhere tcp dpt:8765 state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:8880 state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:ssh state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:0:1023 dpt:ssh state NEW >>ACCEPT tcp -- anywhere anywhere tcp dpt:netbios-ns state NEW >>ACCEPT udp -- anywhere anywhere udp spts:1024:5999 dpt:netbios-ns >>ACCEPT udp -- anywhere anywhere udp spt:netbios-ns dpt:netbios-ns >>ACCEPT udp -- anywhere anywhere udp spts:1024:5999 dpt:netbios-dgm >>ACCEPT udp -- anywhere anywhere udp spt:netbios-dgm dpt:netbios-dgm >>ACCEPT tcp -- anywhere anywhere tcp dpt:netbios-ssn state NEW >>ACCEPT udp -- anywhere anywhere udp spts:1024:5999 dpt:netbios-ssn >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpts:5190:5193 state NEW >>ACCEPT udp -- anywhere anywhere udp spts:1024:5999 dpts:5190:5193 >>ACCEPT udp -- anywhere anywhere udp dpts:33434:33600 >>ACCEPT udp -- anywhere anywhere udp dpt:ntp >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:pop3s state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:5050 state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:telnet state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpts:5000:5001 state NEW >>ACCEPT udp -- anywhere anywhere udp spts:1024:5999 dpt:5000 >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:dict state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:1723 state NEW >>ACCEPT gre -- anywhere anywhere >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:whois state NEW >>ACCEPT udp -- anywhere anywhere udp dpt:43 >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:nntp state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:imap2 state NEW >>ACCEPT udp -- anywhere anywhere udp dpt:imap2 >>ACCEPT udp -- anywhere anywhere udp dpt:4000 >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpts:1024:65535 state NEW >>ACCEPT tcp -- anywhere anywhere tcp dpt:ldap state NEW >>ACCEPT tcp -- anywhere anywhere tcp dpt:522 state NEW >>ACCEPT tcp -- anywhere anywhere tcp dpt:1503 state NEW >>ACCEPT tcp -- anywhere anywhere tcp dpt:1720 state NEW >>ACCEPT tcp -- anywhere anywhere tcp dpt:1731 state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpts:1024:65535 state NEW >>ACCEPT udp -- anywhere anywhere udp spts:1024:5999 dpts:1024:65535 >>ACCEPT icmp -- anywhere anywhere icmp echo-request >>ACCEPT icmp -- anywhere anywhere icmp source-quench >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:smtp state NEW >>ACCEPT tcp -- anywhere anywhere tcp dpt:domain state NEW >>ACCEPT udp -- anywhere anywhere udp dpt:domain >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:www state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:webcache state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:8008 state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:8000 state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:8888 state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpts:6660:6669 state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:6969 state NEW >>ACCEPT tcp -- anywhere anywhere tcp spts:1024:5999 dpt:pop3 state NEW >>logdrop all -- anywhere anywhere >> >>Chain f1to2 (1 references) >>target prot opt source destination >>logdrop all -- anywhere anywhere >> >>Chain f2to0 (1 references) >>target prot opt source destination >>logdrop all -- anywhere anywhere >> >>Chain f2to1 (3 references) >>target prot opt source destination >>logdrop all -- anywhere anywhere >> >>Chain logaborted (1 references) >>target prot opt source destination >>logaborted2 all -- anywhere anywhere limit: avg 1/sec burst 10 >>LOG all -- anywhere anywhere limit: avg 2/min burst 1 LOG level warning prefix `LIMITED ' >> >>Chain logaborted2 (1 references) >>target prot opt source destination >>LOG all -- anywhere anywhere LOG level warning tcp-sequence tcp-options ip-options prefix `ABORTED ' >>ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED >> >>Chain logdrop (8 references) >>target prot opt source destination >>logdrop2 all -- anywhere anywhere >> >>Chain logdrop2 (1 references) >>target prot opt source destination >>DROP all -- anywhere anywhere >> >>Chain logreject (0 references) >>target prot opt source destination >>logreject2 all -- anywhere anywhere >> >>Chain logreject2 (1 references) >>target prot opt source destination >>REJECT tcp -- anywhere anywhere reject-with tcp-reset >>REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable >>DROP all -- anywhere anywhere >> >>Chain nicfilt (1 references) >>target prot opt source destination >>RETURN all -- anywhere anywhere >>RETURN all -- anywhere anywhere >>RETURN all -- anywhere anywhere >>logdrop all -- anywhere anywhere >> >>Chain s0 (1 references) >>target prot opt source destination >>f0to1 all -- anywhere mepisbox >>f0to1 all -- anywhere 192.168.0.255 >>f0to1 all -- anywhere mepisbox >>f0to2 all -- anywhere 12.168.0.100 >>logdrop all -- anywhere anywhere >> >>Chain s1 (1 references) >>target prot opt source destination >>f1to2 all -- anywhere 12.168.0.100 >>f1to0 all -- anywhere anywhere >> >>Chain s2 (1 references) >>target prot opt source destination >>f2to1 all -- anywhere mepisbox >>f2to1 all -- anywhere 192.168.0.255 >>f2to1 all -- anywhere mepisbox >>f2to0 all -- anywhere anywhere >> >>Chain srcfilt (2 references) >>target prot opt source destination >>s2 all -- 12.168.0.100 anywhere >>s0 all -- anywhere anywhere >> >> >---- >wow - don't know where to fix this. You must be using some utility to >create this - does mepis create complex tables such as this by default? > >My first thought is that there is a switch to turn this off for testing >and back on again - and then a 'configuration' utility to allow for >adding new ports. > >a very quick check in forums at mepis shows two common utilities, guard >dog and firestarter. My guess is that you are using guard dog. > >>From Mepis Documentation Wiki >What is Guarddog? From the website: > >Guarddog is a firewall configuration utility for Linux systems. Guarddog >is aimed at two groups of users. Novice to intermediate users who are >not experts in TCP/IP networking and security, and those users who don't >want the hastle of dealing with cryptic shell scripts and >ipchains/iptables parameters. > >Main Menu --> System --> Security --> Guarddog > >Can you get there and turn it off momentarily? > >Then you should be able to ping the Mepisbox from the Mandrakebox > >Then I suppose you could allow NFS (port 2049) from 192.168.0.100 > >Perhaps something similar going on in Mandrakebox (firewall) >---- > > >> >> >>The router is a D-Link DI 624. I will be reviewing the manual later in >>the morning also. Hope this isn't one of those cases where RTFM would >>have been the correct response. >> >> >---- >I think you can spare yourself some reading effort here...problem seems >to be firewall > >;-) > >Craig > >--------------------------------------------------- >PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >To subscribe, unsubscribe, or to change you mail settings: >http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss > > > -- Lee Einer Dos Manos Jewelry http://www.dosmanosjewelry.com --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change you mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss