I've recently installed Ubunter 9.10 Server Edition to use as a NAT firewall for the lab I run. I'm using iptables to do NAT forwarding and everything works great except that, occasionally, connections seem to break. Ssh connections close with "Connection reset by peer" and HTTP connections just stall out.I believe this has to do with the firewall's internal network interface occasionally dropping packets.
I switched over to Fedora a couple of days ago. I'm using the built-in firewall shipped with it but I can't find out how to enable logging of dropped packets. Among others I'd like to use psad that needs firewall logging. Is there an easy way to do this? I'm not an iptables "expert".
i have a linux server runnig oracle applications. i need to access this server from putty using ssh through internet. i did by registering my static ip with the dnydns.org and i am able to connect to the server. but now there is no security to authenticate any user as any one knowing the password can login to it.
i thought of configuring the firewall of linux server but the client ip`s are not static and they change continiously. so thought of keeping one more pc between the server and the router which will do the work of authenticating. but i am confuse as how to configure it to allow the packets coming from the internet after authenticating and to by pass the packets generated from internal LAN?
One of our RHEL 5.3 servers has trouble about 30% of the time with TCP-based communications, but it does not seem to be firewall issues. From another computer on the same switch, you can SSH to the server sometimes and other times the SSH command will just hang. When it hangs, you can often just Ctrl+C and try it again and it works. Same with HTTP connections. You'll get part of a web page and then FireFox will just hang waiting for the rest and eventually time out. Same goes for communication initiated FROM the server. SSH'ing from the server to any outside server or connecting to any web site works sometimes, but most times not. iptables if off. No other firewalls are running. Tcpdump shows communication gets so far and then stops. It does not matter whether tou run tcpdump on that server or the client connecting to it. Either way you see the connection stops working. MEANWHILE, pinging with small or large packets works flawlessly. 10,000 packets, zero drops.
I've run into a of a routing issue pertaining to packets leaving a firewall, traversing and IPSec tunnel, hitting the target and then returning via a different tunnel, finally arriving back on the source firewall but on a different interface from where it started. Once the packet has returned to the firewall it is dropped I've been unable to discover the reason for the drop. Two sides to the system, Firewall A and Firewall B. Each firewall provides the default gateway to its respective side and offers a backup IPSec tunnel to the high capacity tunnel handled internally. The Layer 3 Switch uses OSPF and takes care of the bulk of the behind the scenes routing between the sides. In case of failure the Layer 3 switches direct traffic to use the Firewall tunnels to route traffic.
I'm running a Debian Squeeze 6.0.1a box that's connected to my ISP via an L2TP connection that's managed by OpenL2TPD. The box is configured to perform NAT from local clients (on eth0) to the internet (on ppp0).
However, I'm having an issue with TCP packets that are sent from the box itself to the internet (packets originally coming from the local clients get sent and received over the internet just fine)
I'm using this Python app to test this:
Code: #!/usr/bin/env python import socket, time s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.bind(('', 5003)) s.listen(1) while 1: conn, addr = s.accept()
with my other ethernet card problem solved, I suddenly run into this:
Code: eth1 Link encap:Ethernet HWaddr 00:02:e3:16:37:4c inet addr:10.0.2.1 Bcast:10.0.2.255 Mask:255.255.255.0 inet6 addr: fe80::202:e3ff:fe16:374c/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
This card was working perfectly fine up until....an hour ago and it started doing this. My iptables isn't blocking it somehow, because I didn't change anything. I tried reverting to an older kernel and that didn't help. It's not the network cable, it works fine in any other card. Also, the dropped packets seem to count down? It seems to go down by exactly one every time I run ifconfig, no matter the length of time in between running it.
As is known, there is a queue lies between the kernel subsystem and the network driver for incoming data. And if data come when this queue has no space for it, the data got dropped by kernel. Is there some way to see how many packets are dropped due to this buff penury? I tried netstat -s but could not find something useful. On the other hand, I found this 12176 packets collapsed in receive queue due to low socket buffer from netstat -s. I think this is something related to the per-socket buffer, but not the incoming queue between the network driver and kernel. Is this right?
I'm running ubuntu 11.04, and using firestarter for my firewall. Logging events, all good, but I'd like to be able to (tcp)dump the packets being dropped/rejected. Wireshark is great after the event, but can I hook iptables and tcpdump together somehow so the system logs the entire packet rather than the summary when it says "no"? I've had a quick look/google, but can't find anything. I'm sure somebody must have wanted to do this before - any pointers people?
PS - will keep looking and post the answer if I find one....
I am trying to figure out what command to use to show the number of DROPPED and INVALID packets that the firewall is handling.I'm going to put these commands into a log analyzer script which will run every 15 minutes with cron. The firewall is running and operating the way I want it to. I'm running CentOS 5.4.
I'm looking for an open source/free network emulator tool that I could use on Mac OS X, to simulate a slow network connection, limited bandwidth and other network characteristics such as dropped packets etc for both UDP/TCP connections (or even on the physical layer).
I'm looking for the simplest solution that would allow me to run TCP/UDP servers and have a few clients connect to them on localhost emulating various network connections. I'm mainly wondering if I can use something like Linux's netem on Mac OS X (or even better cross-platform Windows/Linux/Mac). Perhaps I can run VirtualBox and a Linux kernel running netem, has anyone had luck with that?[URL]...
I've been receiving a LOT of log cruft ever since I installed my WUSB100V2 (using the rt2870sta community driver from the Linux kernel) and was wondering what it all meant.
Many times when these messages occur it is accompanied by slow network speeds and many DNS queries and outgoing SYNs being dropped. I have searched for documentation for these (error?) messages and have come up empty as far as what they mean or how I can stop them from occurring.
I reside on the opposite side of the building from my WAP. I have taken steps to improve the signal strength, but the signal quality hovers between 50% and 70%, sometimes dropping to 40% for unknown reasons.
my NIC drives me crazy and I need some help to gather all relevant informations to file a decent bug report. Maybe someone could guide me through this process.My mainboard is an AsRock Z68 Pro3
I use a dual-boot setup with Windows7 installed in parallel to Fedora 15-x64. Whenever I had Windows in use and jjust reboot the system into Fedora, the NIC does not work as expected. Instead it goes in an endless "em1: link up" loop which results in very low bandwith or even complete network timeouts. This happens in Firefox as well as with yum or ping.
Originally Posted by dmesg [ 58.763294] r8169 0000:05:00.0: em1: link up [ 59.686773] r8169 0000:05:00.0: em1: link up [ 61.936454] r8169 0000:05:00.0: em1: link up
If I directly cold boot into Fedora (after the power cord has been removed and the system got completely re-initialized) there are no problems at alll and I get a fast and stable network conection. This also happens with other linux distributions, for example SysRescCD.
The policy for the rest is ACCEPT.This redirection didn't work this way. If I do lynx http://192.168.0.74:80 I reach 192.168.0.74 host, so there is no redirection.Could I achieve what I'm needing through with IPTABLES' OUTPUT chain (in nat table)?
I am learning to setup firewall in my home for that i have selected four system(sys1,sys2....sys4) for testing .I have configured sys2 to act as a firewall with two NIC. sys3 and sys4 are inside the firewall . sys1 is not connected to firewall for testing purpose.
the IP assignments are follows :
sys1 : ( fedora, not connected to firewall i am thinking, But i am not sure )
what happened is that sys1(not connected to firewall) can ssh to sys4(connected,inside firewall),since the rules are written not to ssh form sys1 to sys4..
then I came to know whatever the request I give, It directly goes as sys1 --> sys4. Not as sys1-----> sys2(firewall)---> sys4 .and the firewall is not filtering and processing anything for both inbound and outbound (i think it's my mistake some where). the requests are directly going inside without firewall.
I have a hardware device with two ethernet ports, eth0 and eth1 running Centos 5. Basically my goal is to forward packets from eth0->eth1 and eth1->eth0 as well as get a copy of these packets for analysis. If I set IP routing to do the forwarding then I won't get a copy of the packets for analysis.
My wireless connection keeps getting dropped very frequently. I am on a Dell XPS m1530 and I will just be on the interent and it just disconnects from wireless and I have to connect back. It is super annoying. I am on the latest version of ubuntu.
my laptop running 10.10 and a dell. the college is witch i attend's unsecured wireless network keep disconnecting me from every on average 45 minutes to an hour ands will not re connect for about 10-15 minutes. it works fine anywhere else i go but here i get dropped.
I've been using my current laptop since Ubuntu Edgy Eft and, since then, I never had any problem with wireless ( Network controller: Intel Corporation PRO/Wireless 3945ABG [Golan] Network Connection (rev 02) ) Since I upgraded to Lucid, my connection is dropped approximately every 3-4 minutes for 10s. Network-manager doesn't show anything but it is well visible with the netspeed applet that shows a warning sign "No connection" instead of the speed.This is very annoying and frustrating. I recall having seen the same issue in an blog article where the author was talking about his upgrade to lucid. It was just one line and I didn't care a lot at the time and cannot find the article back.
Is there anyone having heard about a possible issue ? (I've upgraded from Karmic when Lucid was still in Beta, so it might be the cause).
I'm working right now with ubuntu 11.04 on my asus ul30vt-x1, my wireless n network is working on a linksys e3000 router, my issue is basically with long file transfers. When the issue started i was reaching speeds of 100 Mbps through my wireless network even when I'm connected at 150 Mbps. However when at this speed, I don't know why, the connection is dropped after some minutes or even seconds. I made some testing on windows, I'm reaching 70 Mbps there and no problem at all with dropping the connection.
So my conclusion is that for some reason the linux driver, in my case, is not able to handle such speed of 100 Mbps. I know that a wireless network will have a throughput of aprox 60% the wireless speed. Right now im trying to apply traffic shapping to my transfers so i can get 70 to 80 Mbps, its being working so far.
The strange thing is the connections coming through in the virtual machine seem to be getting dropped. A port scan from the internet says the port is closed, but it is not the case as I can see the connection coming through. As you've probably worked out, I am running a mail server. When I send myself test mail, the connections from the senders mail server also gets dropped.
when I change the hostname on my Ubuntu server, the DHCP clients table in my router is dropped.I'm running 32-bit Ubuntu Server 10.10. My router is a Linksys WRT54GL with firmware version 4.30.15. I'm changing the hostname by modifying /etc/hosts and /etc/hostname. I've also tried changing the hostname using the Linux hostname command in a terminal, but this does not seem to behave correctly according to the manpages (it does not actually change the hostname, or update either of the aforementioned files).
I've also tried using a different router - a Linksys BEFSR41 - but the DHCP table is still dropped when I change the hostname on my server (although this router is not all that different from my other one).
My wireless is flakey -- dropped connections, poor speed, etc. As diagnosis, I loaded the 'wavemon' utility so that I might watch the radio and signal and noise.Things will be good, then fall off, then get better, then go away entirely. Repeat continuously and randomly. For these experiments, my laptops -- more than one -- are on a table.The table is roughly 15-20 ft laterally from the access point. The access point is also 8 ft above the floor vs. 3 ft table height.(grin) While the signal "wobbles" everything else is mechanically stable and otherwise not moving.
I have a Netgear DG834 ADSL router (v3) which I have used for a couple of years. Prior to that I had a v2 of the same router, but upgraded for the one that supports ADSL 2+ (here in the UK).
Recently I have been having problems with the connection often being dropped, and when I access 192.168.0.1 for the router admin page, when it is not working I get no IP address listed for that of the ISP's server, and sometimes as well the upstream and downstream speeds are listed as 0 kbps.
Usually this was resolved by rebooting the router.
However, for the last couple of days, when using Ubuntu 9.04, the page of the router at 192.168.0.1 will not load. I have tried numerous different browsers, and none of them will give the router admin page.
When I tried booting from a live CD of Fedora 13, the router admin page came up just fine, no problems (although still not getting a proper connection to the Internet).
I was going to try to use the older router I had, but so far, as I cannot access the router admin page in Ubuntu, I have not done so (not had the time, and now I am at work posting this).
So there must be a problem in Ubuntu that is preventing it showing the router's admin page. The Network connection details show that the router has given the PC an IP address of 192.168.0.6 and the DNS servers are listed, so I know that Ubuntu is talking to the router, but it is not allowing me to access its settings in any way.
I'm running a ZTE MF112 HSUPA USB stick (3 broadband dongle) for wireless broadband using network-manager.I can connect fine to mobile broadband, but every now and then, the signal drops and the connection is disconnected. When I try to reconnect it goes straight to network disconnected. It looks like it's not even trying to connect.Then when I right click on network manager, disable mobile broadband, then enable it again, works fine until the next disconnect.The point is, why do I have to keep disabling / enabling it? Pulling the dongle out works too. But there should be a workaround.