OK, never mind, the directory now mounts and everything is where it should be. As long as Guarddog is turned off. Guarddog is probably ok turned off as long as I am at home using a router with its own firewall, but I would like it to still be functional for when I take the laptop on trips, etc, so I don't get hacked or catch cooties. I tried setting up a zone named LAN with the IPs of both boxes listed, and with NFS and ping turned on, but it did not make a difference. Where from here? Lee Einer wrote: > Progress. Killing Guarddog does allow the ping. Executing the mount > command manually (once I also start NFS manually on mandrakebox) does > mount mandrakebox /home/lee to /mepisbox /home/mandrake. Need to find > out how to permit NFS between these two with Guarddog running. > > When I open /home/mandrake on my mepis laptop, however, even with all > of this done, the directory shows as empty. I should be seing my > /home/lee directory there, shouldn't I? > > > > Craig White wrote: > >> On Fri, 2005-02-04 at 02:49 -0700, Lee Einer wrote: >> >> >>> Craig White wrote: >>> >>> >>> >>>> On Thu, 2005-02-03 at 21:09 -0700, Lee Einer wrote: >>>> >>>> >>>> >>>> >>>>> Craig White wrote: >>>>> >>>>> >>>>> >>>>> >>>>>> On Thu, 2005-02-03 at 20:16 -0700, Lee Einer wrote: >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>>> Done. Pinged Mepisbox. No packets returned. Mepisbox pings >>>>>>> Mandrakebox just fine. Stopping iptables at mepisbox returns >>>>>>> message >>>>>>> >>>>>>> Aborting iptables load: unknown ruleset, "inactive." >>>>>>> >>>>>>> I don't know if that is a good thing or a bad thing. It does not >>>>>>> get the ping going, though. >>>>>>> >>>>>>> I have connectivity through both computers to the router, and >>>>>>> through the router to the internet. The connection for the Mepis >>>>>>> laptop is wireless- is this at the root of the issue? >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>> >>>>>> ---- >>>>>> it might very well be... >>>>>> >>>>>> The wireless access point - does it have some security setting on >>>>>> it to >>>>>> prevent wireless users from accessing other parts of the LAN? - >>>>>> does it >>>>>> put wireless users in a DMZ ? >>>>>> >>>>>> Question if you do (on both machines): >>>>>> #route -n >>>>>> Kernel IP routing table >>>>>> Destination Gateway Genmask Flags Metric Ref Use >>>>>> Iface >>>>>> 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 >>>>>> 0 eth0 >>>>>> 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 >>>>>> 0 eth0 >>>>>> 0.0.0.0 192.168.0.254 0.0.0.0 UG 0 0 >>>>>> 0 eth0 >>>>>> >>>>>> does they look like above? >>>>>> >>>>>> >>>>>> >>>>> >>>>> close. They both have the same gateway address, and both can ping >>>>> it. Line 2 on Mandrake box has different Iface and Genmask >>>>> -127.0.0.0 and 255.0.0.0 respectively. Mepis box has two lines >>>>> >>>>> Destination Gateway Genmask >>>>> 192.168.0.0 0.0.0.0 255.255.255.0 ath0 >>>>> 0.0.0.0 192.168.0.1 0.0.0.0 ath0 >>>>> >>>>> >>>>> >>>> >>>> ----- >>>> OK - well let's evaluate my assumptions then... >>>> >>>> You have something like a Netgear Wireless Router (I think they use >>>> the >>>> 192.168.0.0 network) or perhaps one of the newer Qwest supplied >>>> Actiontec dsl modem/routers with wireless and your Mandrake box >>>> connects >>>> with a cable to one of the LAN ports and the Mepisbox (your laptop) >>>> connects to this same router via wireless. >>>> >>>> With this assumption (brand accuracy not important), then they are >>>> both >>>> 'pinging' the same gateway - 192.168.0.1 >>>> >>>> With this assumption, from the Mepisbox, you should be able to ping >>>> 192.168.0.100 as well as 192.168.0.1 unless there is a firewall on the >>>> Mandrakebox. If not, then on the Mandrakebox, type 'iptables -L' and >>>> post the results >>>> >>>> With this assumption, from the Mandrakebox, you should be able to ping >>>> 192.168.0.101 as well as 192.168.0.1 unless there is a firewall on the >>>> Mepisbox. If not, then on the Mepisbox, type 'iptables -L' and post >>>> the >>>> results >>>> >>>> >>> >>> This is the case. Here is the output of iptables -L from the Mepisbox- >>> >>> Chain INPUT (policy DROP) >>> target prot opt source destination >>> ACCEPT all -- anywhere anywhere >>> ACCEPT all -- mepisbox 192.168.0.255 >>> logaborted tcp -- anywhere anywhere state >>> RELATED,ESTABLISHED tcp flags:RST/RST ACCEPT all -- >>> anywhere anywhere state RELATED,ESTABLISHED >>> ACCEPT icmp -- anywhere anywhere icmp >>> destination-unreachable ACCEPT icmp -- anywhere >>> anywhere icmp time-exceeded ACCEPT icmp -- >>> anywhere anywhere icmp parameter-problem >>> nicfilt all -- anywhere anywhere >>> srcfilt all -- anywhere anywhere >>> Chain FORWARD (policy DROP) >>> target prot opt source destination >>> ACCEPT all -- anywhere anywhere state >>> RELATED,ESTABLISHED ACCEPT icmp -- anywhere >>> anywhere icmp destination-unreachable ACCEPT icmp -- >>> anywhere anywhere icmp time-exceeded >>> ACCEPT icmp -- anywhere anywhere icmp >>> parameter-problem srcfilt all -- anywhere >>> anywhere >>> Chain OUTPUT (policy DROP) >>> target prot opt source destination >>> ACCEPT all -- anywhere anywhere >>> ACCEPT all -- anywhere anywhere state >>> RELATED,ESTABLISHED ACCEPT icmp -- anywhere >>> anywhere icmp destination-unreachable ACCEPT icmp -- >>> anywhere anywhere icmp time-exceeded >>> ACCEPT icmp -- anywhere anywhere icmp >>> parameter-problem s1 all -- anywhere >>> anywhere >>> Chain f0to1 (3 references) >>> target prot opt source destination >>> ACCEPT tcp -- anywhere anywhere tcp >>> spts:1024:65535 dpts:6881:6889 state NEW ACCEPT tcp -- >>> anywhere anywhere tcp spts:1024:65535 dpt:ipp >>> state NEW ACCEPT udp -- anywhere >>> anywhere udp dpt:ipp ACCEPT tcp -- >>> anywhere anywhere tcp dpt:microsoft-ds state >>> NEW ACCEPT tcp -- anywhere anywhere tcp >>> dpt:netbios-ns state NEW ACCEPT udp -- anywhere >>> anywhere udp spts:1024:65535 dpt:netbios-ns ACCEPT >>> udp -- anywhere anywhere udp spt:netbios-ns >>> dpt:netbios-ns ACCEPT udp -- anywhere >>> anywhere udp spts:1024:65535 dpt:netbios-dgm ACCEPT >>> udp -- anywhere anywhere udp >>> spt:netbios-dgm dpt:netbios-dgm ACCEPT tcp -- >>> anywhere anywhere tcp dpt:netbios-ssn state >>> NEW ACCEPT udp -- anywhere anywhere udp >>> spts:1024:65535 dpt:netbios-ssn ACCEPT icmp -- >>> anywhere anywhere icmp source-quench >>> ACCEPT tcp -- anywhere anywhere tcp >>> spts:1024:65535 dpt:www state NEW ACCEPT tcp -- >>> anywhere anywhere tcp spts:1024:65535 >>> dpt:webcache state NEW ACCEPT tcp -- anywhere >>> anywhere tcp spts:1024:65535 dpt:8008 state NEW >>> ACCEPT tcp -- anywhere anywhere tcp >>> spts:1024:65535 dpt:8000 state NEW ACCEPT tcp -- >>> anywhere anywhere tcp spts:1024:65535 >>> dpt:8888 state NEW ACCEPT tcp -- anywhere >>> anywhere tcp spts:1024:65535 dpt:6969 state NEW >>> ACCEPT tcp -- anywhere anywhere tcp >>> spts:1024:65535 dpts:6881:6889 state NEW ACCEPT udp -- >>> anywhere anywhere udp dpts:6970:7170 >>> ACCEPT udp -- anywhere anywhere udp >>> spt:netbios-ns dpts:1024:5999 ACCEPT udp -- >>> anywhere anywhere udp spt:netbios-ns >>> dpt:netbios-ns ACCEPT udp -- anywhere >>> anywhere udp spt:netbios-dgm dpt:netbios-dgm ACCEPT >>> tcp -- anywhere anywhere tcp >>> spts:1024:65535 dpts:1024:65535 state NEW ACCEPT icmp -- >>> anywhere anywhere icmp echo-reply logdrop >>> all -- anywhere anywhere >>> Chain f0to2 (1 references) >>> target prot opt source destination >>> logdrop all -- anywhere anywhere >>> Chain f1to0 (1 references) >>> target prot opt source destination >>> ACCEPT tcp -- anywhere anywhere tcp >>> spts:1024:5999 dpts:6881:6889 state NEW ACCEPT udp -- >>> anywhere anywhere udp spt:netbios-ns >>> dpts:1024:65535 ACCEPT udp -- anywhere >>> anywhere udp spt:netbios-ns dpt:netbios-ns ACCEPT >>> udp -- anywhere anywhere udp >>> spt:netbios-dgm dpt:netbios-dgm ACCEPT tcp -- >>> anywhere anywhere tcp spts:1024:5999 dpt:ftp >>> state NEW ACCEPT tcp -- anywhere >>> anywhere tcp spts:1024:5999 dpt:xmpp-client state NEW >>> ACCEPT tcp -- anywhere anywhere tcp >>> spts:1024:5999 dpts:6881:6889 state NEW ACCEPT tcp -- >>> anywhere anywhere tcp spts:1024:5999 dpt:1863 >>> state NEW ACCEPT tcp -- anywhere >>> anywhere tcp dpt:554 state NEW ACCEPT tcp -- >>> anywhere anywhere tcp dpt:7070 state NEW >>> ACCEPT tcp -- anywhere anywhere tcp >>> spts:1024:5999 dpt:ipp state NEW ACCEPT udp -- >>> anywhere anywhere udp dpt:ipp ACCEPT udp >>> -- anywhere anywhere udp dpt:3478 ACCEPT >>> tcp -- anywhere anywhere tcp dpt:kerberos >>> state NEW ACCEPT tcp -- anywhere >>> anywhere tcp spts:1024:5999 dpt:https state NEW >>> ACCEPT tcp -- anywhere anywhere tcp >>> spts:1024:5999 dpt:imaps state NEW ACCEPT tcp -- >>> anywhere anywhere tcp dpt:3030 state NEW >>> ACCEPT tcp -- anywhere anywhere tcp >>> spts:1024:5999 dpt:rsync state NEW ACCEPT tcp -- >>> anywhere anywhere tcp dpt:microsoft-ds state >>> NEW ACCEPT tcp -- anywhere anywhere tcp >>> dpt:gnutella-svc state NEW ACCEPT tcp -- anywhere >>> anywhere tcp dpt:8765 state NEW ACCEPT tcp -- >>> anywhere anywhere tcp spts:1024:5999 dpt:8880 >>> state NEW ACCEPT tcp -- anywhere >>> anywhere tcp spts:1024:5999 dpt:ssh state NEW ACCEPT >>> tcp -- anywhere anywhere tcp spts:0:1023 >>> dpt:ssh state NEW ACCEPT tcp -- anywhere >>> anywhere tcp dpt:netbios-ns state NEW ACCEPT udp -- >>> anywhere anywhere udp spts:1024:5999 >>> dpt:netbios-ns ACCEPT udp -- anywhere >>> anywhere udp spt:netbios-ns dpt:netbios-ns ACCEPT >>> udp -- anywhere anywhere udp spts:1024:5999 >>> dpt:netbios-dgm ACCEPT udp -- anywhere >>> anywhere udp spt:netbios-dgm dpt:netbios-dgm ACCEPT >>> tcp -- anywhere anywhere tcp >>> dpt:netbios-ssn state NEW ACCEPT udp -- anywhere >>> anywhere udp spts:1024:5999 dpt:netbios-ssn ACCEPT >>> tcp -- anywhere anywhere tcp spts:1024:5999 >>> dpts:5190:5193 state NEW ACCEPT udp -- anywhere >>> anywhere udp spts:1024:5999 dpts:5190:5193 ACCEPT >>> udp -- anywhere anywhere udp >>> dpts:33434:33600 ACCEPT udp -- anywhere >>> anywhere udp dpt:ntp ACCEPT tcp -- >>> anywhere anywhere tcp spts:1024:5999 >>> dpt:pop3s state NEW ACCEPT tcp -- anywhere >>> anywhere tcp spts:1024:5999 dpt:5050 state NEW ACCEPT >>> tcp -- anywhere anywhere tcp spts:1024:5999 >>> dpt:telnet state NEW ACCEPT tcp -- anywhere >>> anywhere tcp spts:1024:5999 dpts:5000:5001 state NEW >>> ACCEPT udp -- anywhere anywhere udp >>> spts:1024:5999 dpt:5000 ACCEPT tcp -- anywhere >>> anywhere tcp spts:1024:5999 dpt:dict state NEW ACCEPT >>> tcp -- anywhere anywhere tcp spts:1024:5999 >>> dpt:1723 state NEW ACCEPT gre -- anywhere >>> anywhere ACCEPT tcp -- anywhere >>> anywhere tcp spts:1024:5999 dpt:whois state NEW >>> ACCEPT udp -- anywhere anywhere udp >>> dpt:43 ACCEPT tcp -- anywhere anywhere >>> tcp spts:1024:5999 dpt:nntp state NEW ACCEPT tcp -- >>> anywhere anywhere tcp spts:1024:5999 >>> dpt:imap2 state NEW ACCEPT udp -- anywhere >>> anywhere udp dpt:imap2 ACCEPT udp -- >>> anywhere anywhere udp dpt:4000 ACCEPT >>> tcp -- anywhere anywhere tcp >>> spts:1024:65535 dpts:1024:65535 state NEW ACCEPT tcp -- >>> anywhere anywhere tcp dpt:ldap state NEW >>> ACCEPT tcp -- anywhere anywhere tcp >>> dpt:522 state NEW ACCEPT tcp -- anywhere >>> anywhere tcp dpt:1503 state NEW ACCEPT tcp -- >>> anywhere anywhere tcp dpt:1720 state NEW >>> ACCEPT tcp -- anywhere anywhere tcp >>> dpt:1731 state NEW ACCEPT tcp -- anywhere >>> anywhere tcp spts:1024:5999 dpts:1024:65535 state NEW >>> ACCEPT udp -- anywhere anywhere udp >>> spts:1024:5999 dpts:1024:65535 ACCEPT icmp -- >>> anywhere anywhere icmp echo-request >>> ACCEPT icmp -- anywhere anywhere icmp >>> source-quench ACCEPT tcp -- anywhere >>> anywhere tcp spts:1024:5999 dpt:smtp state NEW ACCEPT >>> tcp -- anywhere anywhere tcp dpt:domain >>> state NEW ACCEPT udp -- anywhere >>> anywhere udp dpt:domain ACCEPT tcp -- >>> anywhere anywhere tcp spts:1024:5999 dpt:www >>> state NEW ACCEPT tcp -- anywhere >>> anywhere tcp spts:1024:5999 dpt:webcache state NEW >>> ACCEPT tcp -- anywhere anywhere tcp >>> spts:1024:5999 dpt:8008 state NEW ACCEPT tcp -- >>> anywhere anywhere tcp spts:1024:5999 dpt:8000 >>> state NEW ACCEPT tcp -- anywhere >>> anywhere tcp spts:1024:5999 dpt:8888 state NEW ACCEPT >>> tcp -- anywhere anywhere tcp spts:1024:5999 >>> dpts:6660:6669 state NEW ACCEPT tcp -- anywhere >>> anywhere tcp spts:1024:5999 dpt:6969 state NEW ACCEPT >>> tcp -- anywhere anywhere tcp spts:1024:5999 >>> dpt:pop3 state NEW logdrop all -- anywhere >>> anywhere >>> Chain f1to2 (1 references) >>> target prot opt source destination >>> logdrop all -- anywhere anywhere >>> Chain f2to0 (1 references) >>> target prot opt source destination >>> logdrop all -- anywhere anywhere >>> Chain f2to1 (3 references) >>> target prot opt source destination >>> logdrop all -- anywhere anywhere >>> Chain logaborted (1 references) >>> target prot opt source destination >>> logaborted2 all -- anywhere anywhere >>> limit: avg 1/sec burst 10 LOG all -- anywhere >>> anywhere limit: avg 2/min burst 1 LOG level warning >>> prefix `LIMITED ' >>> Chain logaborted2 (1 references) >>> target prot opt source destination >>> LOG all -- anywhere anywhere LOG >>> level warning tcp-sequence tcp-options ip-options prefix `ABORTED ' >>> ACCEPT all -- anywhere anywhere state >>> RELATED,ESTABLISHED >>> Chain logdrop (8 references) >>> target prot opt source destination >>> logdrop2 all -- anywhere anywhere >>> Chain logdrop2 (1 references) >>> target prot opt source destination >>> DROP all -- anywhere anywhere >>> Chain logreject (0 references) >>> target prot opt source destination >>> logreject2 all -- anywhere anywhere >>> Chain logreject2 (1 references) >>> target prot opt source destination >>> REJECT tcp -- anywhere anywhere >>> reject-with tcp-reset REJECT udp -- anywhere >>> anywhere reject-with icmp-port-unreachable DROP >>> all -- anywhere anywhere >>> Chain nicfilt (1 references) >>> target prot opt source destination >>> RETURN all -- anywhere anywhere >>> RETURN all -- anywhere anywhere >>> RETURN all -- anywhere anywhere >>> logdrop all -- anywhere anywhere >>> Chain s0 (1 references) >>> target prot opt source destination >>> f0to1 all -- anywhere mepisbox >>> f0to1 all -- anywhere 192.168.0.255 >>> f0to1 all -- anywhere mepisbox >>> f0to2 all -- anywhere 12.168.0.100 >>> logdrop all -- anywhere anywhere >>> Chain s1 (1 references) >>> target prot opt source destination >>> f1to2 all -- anywhere 12.168.0.100 >>> f1to0 all -- anywhere anywhere >>> Chain s2 (1 references) >>> target prot opt source destination >>> f2to1 all -- anywhere mepisbox >>> f2to1 all -- anywhere 192.168.0.255 >>> f2to1 all -- anywhere mepisbox >>> f2to0 all -- anywhere anywhere >>> Chain srcfilt (2 references) >>> target prot opt source destination >>> s2 all -- 12.168.0.100 anywhere >>> s0 all -- anywhere anywhere >> >> ---- >> wow - don't know where to fix this. You must be using some utility to >> create this - does mepis create complex tables such as this by default? >> >> My first thought is that there is a switch to turn this off for testing >> and back on again - and then a 'configuration' utility to allow for >> adding new ports. >> >> a very quick check in forums at mepis shows two common utilities, guard >> dog and firestarter. My guess is that you are using guard dog. >> >>> From Mepis Documentation Wiki >> >> What is Guarddog? From the website: >> >> Guarddog is a firewall configuration utility for Linux systems. Guarddog >> is aimed at two groups of users. Novice to intermediate users who are >> not experts in TCP/IP networking and security, and those users who don't >> want the hastle of dealing with cryptic shell scripts and >> ipchains/iptables parameters. >> >> Main Menu --> System --> Security --> Guarddog >> >> Can you get there and turn it off momentarily? >> >> Then you should be able to ping the Mepisbox from the Mandrakebox >> >> Then I suppose you could allow NFS (port 2049) from 192.168.0.100 >> >> Perhaps something similar going on in Mandrakebox (firewall) >> ---- >> >> >>> >>> The router is a D-Link DI 624. I will be reviewing the manual later >>> in the morning also. Hope this isn't one of those cases where RTFM >>> would have been the correct response. >>> >> >> ---- >> I think you can spare yourself some reading effort here...problem seems >> to be firewall >> >> ;-) >> >> Craig >> >> --------------------------------------------------- >> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us >> To subscribe, unsubscribe, or to change you mail settings: >> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss >> >> >> > -- Lee Einer Dos Manos Jewelry http://www.dosmanosjewelry.com --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change you mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss