Re: [Firestarter-user] problems using firestarter
Brought to you by:
majix
From: aviv <avi...@ya...> - 2006-08-19 19:41:19
|
Mike Pepe <lamune <at> doki-doki.net> writes: > You did move the old file out of the way first, right? > The idea is to create a new non-routables file that is empty. Hmm. Well, I actually did delete the old file and created an empty one- it didn't work. However, I lost the original file.. I removed FS (and /etc/firestarter) and reinstalled FS, with the hope I'll be able to recover that file, but it's still empty. In any case, an empty file didn't help :-( > do a traceroute -n on a favorite website address, like traceroute -n > www.google.com before and after fs starts. compare the difference. see > where the packets are being stopped. > > You should also determine if all traffic is being blocked or you just > can't get to your isp DNS servers. Try the traceroute by IP address as > well as name both before and after as well. Ok, good point- I did that. traceroute to a hostname doesn't work ("unknown host"). tracerout to google's ip produces: traceroute to 66.249.85.104 (66.249.85.104), 30 hops max, 40 byte packets traceroute: sendto: Operation not permitted 1 traceroute: wrote 66.249.85.104 40 chars, ret=-1 *traceroute: sendto: Operation not permitted and these last 2 lines repeat themselves on and on. > in /var/log/messages, assuming fs rules are blocking your traffic, you > should see a ton of messages like: > Aug 19 13:35:41 quadzilla kernel: Inbound IN=eth1 OUT= > MAC=00:c0:95:c4:18:99:00:0f:23:da:d9:5a:08:00 SRC=194.127.102.101 > DST=67.97.11.254 LEN=908 TOS=0x00 PREC=0x00 TTL=116 ID=4894 PROTO=UDP > SPT=20841 DPT=1026 LEN=888 > > these can tell you what specifically is being dropped. look for outbound > and inbound messages. You're right- tons of messages like the ones below- dont know how to read it... and toAug 19 22:22:16 localhost kernel: [4295657.940000] Inbound IN=eth1 OUT= MAC=00:01:2e:0c:c2:a7:00:0f:34:7b:c8:95:08:00 SRC=212.143.209.6 DST=172.27.100.248 LEN=52 TOS=0x00 PREC=0x00 TTL=251 ID=32690 PROTO=47 Aug 19 22:22:16 localhost kernel: [4295658.429000] Inbound IN=eth1 OUT= MAC=00:01:2e:0c:c2:a7:00:0f:34:7b:c8:95:08:00 SRC=212.143.209.6 DST=172.27.100.248 LEN=68 TOS=0x00 PREC=0x00 TTL=251 ID=41802 PROTO=47 Aug 19 22:22:17 localhost kernel: [4295659.525000] Unknown OutputIN= OUT=ppp0 SRC=217.132.122.115 DST=194.90.1.5 LEN=63 TOS=0x00 PREC=0x00 TTL=64 ID=36869 DF PROTO=UDP SPT=32808 DPT=53 LEN=43 Aug 19 22:22:17 localhost kernel: [4295659.525000] Unknown OutputIN= OUT=ppp0 SRC=217.132.122.115 DST=212.143.212.143 LEN=63 TOS=0x00 PREC=0x00 TTL=64 ID=36869 DF PROTO=UDP SPT=32808 DPT=53 LEN=43 Aug 19 22:22:17 localhost kernel: [4295659.525000] Unknown OutputIN= OUT=ppp0 SRC=217.132.122.115 DST=194.90.1.5 LEN=63 TOS=0x00 PREC=0x00 TTL=64 ID=36869 DF PROTO=UDP SPT=32808 DPT=53 LEN=43 Aug 19 22:22:17 localhost kernel: [4295659.525000] Unknown OutputIN= OUT=ppp0 SRC=217.132.122.115 DST=212.143.212.143 LEN=63 TOS=0x00 PREC=0x00 TTL=64 ID=36869 DF PROTO=UDP SPT=32808 DPT=53 LEN=43 Aug 19 22:22:17 localhost kernel: [4295659.525000] Unknown OutputIN= OUT=ppp0 SRC=217.132.122.115 DST=194.90.1.5 LEN=63 TOS=0x00 PREC=0x00 TTL=64 ID=36869 DF PROTO=UDP SPT=32808 DPT=53 LEN=43 Aug 19 22:22:17 localhost kernel: [4295659.525000] Unknown OutputIN= OUT=ppp0 SRC=217.132.122.115 DST=212.143.212.143 LEN=63 TOS=0x00 PREC=0x00 TTL=64 ID=36869 DF PROTO=UDP SPT=32808 DPT=53 LEN=43 Aug 19 22:22:17 localhost kernel: [4295659.525000] Unknown OutputIN= OUT=ppp0 SRC=217.132.122.115 DST=194.90.1.5 LEN=63 TOS=0x00 PREC=0x00 TTL=64 ID=36869 DF PROTO=UDP SPT=32808 DPT=53 LEN=43 Aug 19 22:22:17 localhost kernel: [4295659.525000] Unknown OutputIN= OUT=ppp0 SRC=217.132.122.115 DST=212.143.212.143 LEN=63 TOS=0x00 PREC=0x00 TTL=64 ID=36869 DF PROTO=UDP SPT=32808 DPT=53 LEN=43 Aug 19 22:22:17 localhost kernel: [4295659.526000] Unknown OutputIN= OUT=ppp0 SRC=217.132.122.115 DST=194.90.1.5 LEN=63 TOS=0x00 PREC=0x00 TTL=64 ID=36870 DF PROTO=UDP SPT=32808 DPT=53 LEN=43 |