| View previous topic :: View next topic |
| Author |
Message |
DaQatz
n00b
Joined: 05 Apr 2011
Posts: 4
|
 Posted: Mon Aug 01, 2011 3:26 pm Post subject: No access from wan after update |
 |
|
I recently updated one of my systems, afterward I found that I couldn't access it from outside my network.
It's behind a router with OpenWRT installed.
Ports I tried are forwarded.
If I put another computer in the network on it's ip, the existing forwarding works.
If I change it's a local network ip and, re-foward the ports nothing changes.
I first noticed it attempting to ssh. However after testing all of it's other services http,vnc,etc... it's all the ports not just one service.
iptables is installed, but no rules have been entered.
Lan side access appears to work fine.
Shaking a dead chicken at it, and chanting lullabies in Norwegian had no affect.
Just looking for advice, and other things I can try. |
|
| Back to top |
|
 |
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 54830
Location: 56N 3W
|
| Posted: Mon Aug 01, 2011 4:00 pm Post subject: |
|
|
DaQatz,
No access from just the WAN or from the LAN too ?
What does show?
The output of might help too
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
DaQatz
n00b
Joined: 05 Apr 2011
Posts: 4
|
| Posted: Mon Aug 01, 2011 4:32 pm Post subject: |
|
|
ifconfig -a
| Code: |
bond0 Link encap:Ethernet HWaddr 00:00:00:00:00:00
BROADCAST MASTER MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
eth0 Link encap:Ethernet HWaddr 00:22:15:b4:00:32
inet addr:192.168.1.*Censored* Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: *Censored* Scope:Global
inet6 addr: *Censored* Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:24834 errors:0 dropped:0 overruns:0 frame:0
TX packets:27139 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1559187 (1.4 MiB) TX bytes:1711141 (1.6 MiB)
Interrupt:41 Base address:0x4000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:4131 errors:0 dropped:0 overruns:0 frame:0
TX packets:4131 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:179444 (175.2 KiB) TX bytes:179444 (175.2 KiB)
sit0 Link encap:IPv6-in-IPv4
NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
tunl0 Link encap:IPIP Tunnel HWaddr
NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
vboxnet0 Link encap:Ethernet HWaddr 0a:00:27:00:00:00
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
|
route -a
| Code: |
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
127.0.0.0 - 255.0.0.0 ! 0 - 0 -
192.168.1.0 0.0.0.0 255.255.255.0 U 3 0 0 eth0
|
| Quote: | | No access from just the WAN or from the LAN too ? |
I can access the system fine from any other system on the lan. It appears to be only incoming connections from the wan that are affected. |
|
| Back to top |
|
|
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 54830
Location: 56N 3W
|
| Posted: Mon Aug 01, 2011 5:23 pm Post subject: |
|
|
DaQatz,
That all looks in order.
It would be interesting to run tcpdump to see if WAN packets ever reach your system and if their is a response.
You bond0 appears to not be up. Depending on what you have in /etc/rc.conf that may prevent services like ssh, that depend on networking, from being started.
See the part that says
| /etc/rc.conf wrote: | # Do we allow any started service in the runlevel to satisfy the dependency
# or do we want all of them regardless of state? For example, if net.eth0
# and net.eth1 are in the default runlevel then with rc_depend_strict="NO"
# both will be started, but services that depend on 'net' will work if either
# one comes up. With rc_depend_strict="YES" we would require them both to
# come up.
#rc_depend_strict="YES" |
You may need | Code: | | rc_depend_strict="NO" |
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
dtlgc
n00b
Joined: 27 Jul 2004
Posts: 60
Location: Texas
|
| Posted: Sun Sep 25, 2011 9:01 pm Post subject: |
|
|
After an exhaustive upgrade of openrc and baselayout2, this issue is my final milestone...
I had to add a manual start file in /etc/local.d/tmp_eth0.start
which simple contains /etc/init.d/net.eth0 start
and a couple of other items that did not start due to eth0 not being present ie. /etc/init.d/mysql restart
I have tried net.eth0 at both default and boot runleves to no avail....
I see it coming up during boot as the lightblue symlink, but does not have an [ok] .... just blank
any other suggestions? |
|
| Back to top |
|
|
|
Networking & Security
