Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - ardirtbiker

Pages: 1 [2] 3 4 ... 19
16
Users / Re: To 'bridge' or not to 'bridge'
« on: January 22, 2016, 01:27:49 am »
Thanks Alblasco,

Here is my /etc/network/interfaces file:
Code: [Select]
# Activating interfaces
auto eth0 br0 lo

#####
# Loopback interface
#####
iface lo inet loopback

#####
# IPv4 network interfaces
#####

# --- External NIC ---
iface eth0 inet dhcp
pre-up sysctl -q -e -w  net.ipv6.conf.eth0.disable_ipv6=1
up /sbin/ifconfig eth0 up
down /sbin/ifconfig eth0 down

# --- Internal NIC ---
iface eth1 inet manual
pre-up sysctl -q -e -w net.ipv6.conf.eth1.disable_ipv6=1
up /sbin/ifconfig eth1 up
down /sbin/ifconfig eth1 down
#####

# --- Wireless NIC ---
iface wlan0 inet manual

# --- Bridge ---
iface br0 inet static
address 192.168.80.1
network 192.168.80.0
netmask 255.255.255.0
broadcast 192.168.80.255
gateway 192.168.1.254
pre-up /usr/sbin/hostapd -B /etc/hostapd/hostapd.conf
bridge_ports eth1 wlan0
dns-nameservers 192.168.1.254 8.8.8.8
dns-search LinuxMCE.local
down /sbin/ifconfig br0 down

Here is /etc/default/isc-dhcp-server:
Code: [Select]
INTERFACES="br0"
and here is the output of iptables -vnL
Code: [Select]
Chain INPUT (policy DROP 3 packets, 116 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp flags:0x3F/0x29
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp flags:0x3F/0x3F
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp flags:0x3F/0x00
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp flags:0x06/0x06
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp flags:0x03/0x03
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp flags:0x11/0x01
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp flags:0x3F/0x37
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            mark match 0x1
    2    92 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0            /* Allow_Loopback */
  492 57564 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED /* Allow_Established */
    0     0 ACCEPT     udp  --  eth0   *       0.0.0.0/0            0.0.0.0/0            /* Allow_DHCP */
    6  1616 ACCEPT     udp  --  br0    *       0.0.0.0/0            0.0.0.0/0            /* Allow_DHCP */
    0     0 ACCEPT     udp  --  eth0   *       0.0.0.0/0            0.0.0.0/0            /* Allow_DHCP */
    2   120 ACCEPT     tcp  --  br0    *       192.168.80.0/24      0.0.0.0/0            /* Allow_Local_Network */

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     all  --  lo     lo      0.0.0.0/0            0.0.0.0/0            /* Allow_Loopback */
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED /* Allow_Established */
    4  2563 ACCEPT     tcp  --  br0    *       192.168.80.0/24      0.0.0.0/0            /* Allow_Local_Network */

Chain OUTPUT (policy ACCEPT 317 packets, 45260 bytes)
 pkts bytes target     prot opt in     out     source               destination         
       



Let me know if you need anything else.

Dennis

17
Users / To 'bridge' or not to 'bridge'
« on: January 21, 2016, 05:28:59 pm »
In lmce 1204 and 1404, bridging appears to have changed within the linux kernel.   In 1004 i had bridged eth1 (internal NIC) with wlan0 (AP) following  the instructions here:http://wiki.linuxmce.org/index.php/Access_Point
After changing 'eth1' in the firewall to 'br0' (the bridge interface), verything worked without a hitch.

In 1204 and 1404, when the bridge is set up the same, the MDs cannot access the nfs storage drives, but my wifi devices work fine. 

Is there a better route to take other than bridging?     Is there something else I need to do to the firewall?   

Some internet sources suggest installing ebtables and set up some rules there and add other rules to iptables.   I dont quite grasp firewalls  and am stuck.

Any suggestions will be greatly appreciated.

Dennis

18
Users / Re: Happy New Year!
« on: January 05, 2015, 02:52:39 am »
holy cow batman!   It WORKS!

thanks!

Dennis

Im using makemkv-bin so I'll see what in my library it can and cannot play!

Dennis

19
Users / Re: Happy New Year!
« on: January 05, 2015, 02:37:50 am »
DOHHHH... stupid popup blocker!   lemme try a'gin!   

Dennis

20
Users / Re: Happy New Year!
« on: January 05, 2015, 02:34:38 am »
I did a sqlcvs diff first.. no differences indicated.   I tried the sqlcvs update but nothing happened other than a reload of the web page.

I verified apt-upgrade is up-to-date.

DVDs launch as normal.

Obviously something is not right... but not sure where to look.

Note:  I am running 12.04

Dennis


21
Users / Re: Happy New Year!
« on: January 05, 2015, 02:18:40 am »
here is the Xine_Player.log: http://paste.ubuntu.com/9674221/

Note that there is information for a bluray file playing in the log (Tron Legacy).   Several attempts with bluray discs placed into the drive were made but Xine_Player log never gets any information about them.

here is the dpkg -l info: http://paste.ubuntu.com/9674235/

Dennis

22
Users / Re: Happy New Year!
« on: January 05, 2015, 01:49:03 am »
I followed the instructions listed.   Unable to get any further than the disk-detected message... I no longer get the message asking to 'rip' the bluray.

Dennis

23
Users / Re: Happy New Year!
« on: January 01, 2015, 09:13:48 pm »
Happy New Year to you as well.

Thanks for the info... I'll give it a shot.

Dennis

24
Users / Re: 710,810,1004 or what?
« on: November 01, 2014, 02:58:19 pm »
maverick0815,

I switched to 12.04 a short time ago... its pretty stable and everything that I DO use works.  I am not all that pleased with the newer Mythtv... it seems slower.

Dennis

25
Installation issues / [Resolved] Re: 12.04 - firewall issues?
« on: August 17, 2014, 03:22:50 pm »
An update to this.

I could not get the updated scripts to 'fix' the firewall issues.

I did download the latest 12.04 snapshot and did a fresh install.   This resolved the problem.

Thanks for the hard work guys...

now to see about creating an MD!!!

Dennis

26
Installation issues / Re: 12.04 - firewall issues?
« on: August 06, 2014, 02:17:22 am »
Gentlemen,
I applied the updated files supplied by Alblasco.

Network_Firewall.sh (from reply #9) to /usr/pluto/bin/Network_Firewall.sh (replacing original)
firewall.php (from reply #5) to /var/www/lmce-admin/operations/network/firewall.php (replacing original)

Rebooted core.

still unable to 'ping' an internet web page by name or address from the core OR a workstation getting IP from the core.

can anyone else confirm?

Thanks,
Dennis

27
Installation issues / Re: 12.04 - firewall issues?
« on: August 05, 2014, 03:20:11 am »
Thanks Alblasco1702.

I will apply the scripts tomorrow and report back when I get a chance.

Dennis

28
Users / Re: adding more PCI network cards
« on: August 04, 2014, 12:45:36 am »
you could always 'bridge' your 3 LMCE nics

Look at package bridge-utils and read this: http://www.cyberciti.biz/faq/debian-network-interfaces-bridge-eth0-eth1-eth2/

Dennis

29
Installation issues / Re: 12.04 - firewall issues?
« on: August 01, 2014, 10:21:15 pm »
Any ideas on this?

Dennis

30
Installation issues / Re: 12.04 - firewall issues?
« on: July 29, 2014, 03:35:44 am »
I did a re-install of 12.04 this evening and verified the same thing happens.

here is the output of iptables -nvL:
Quote
Chain INPUT (policy DROP 8041 packets, 2013K bytes)
 pkts bytes target     prot opt in     out     source               destination         
66532   78M BLOCKLIST  all  --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcpflags: 0x3F/0x29
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcpflags: 0x3F/0x3F
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcpflags: 0x3F/0x00
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcpflags: 0x06/0x06
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcpflags: 0x03/0x03
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcpflags: 0x11/0x01
    0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcpflags: 0x3F/0x37
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            mark match 0x1
 6543 1173K ACCEPT     tcp  --  lo     *       0.0.0.0/0            0.0.0.0/0            /* Allow_Loopback */
  795  116K ACCEPT     udp  --  lo     *       0.0.0.0/0            0.0.0.0/0            /* Allow_Loopback */
50860   75M ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED /* Allow_Established */
  307 77973 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED /* Allow_Established */
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED /* Allow_Established */
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED /* Allow_Established */
    0     0 ACCEPT     udp  --  eth1   *       0.0.0.0/0            0.0.0.0/0            udp spt:67 /* Allow_DHCP */
    0     0 ACCEPT     udp  --  eth0   *       0.0.0.0/0            0.0.0.0/0            udp spt:68 /* Allow_DHCP */

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     tcp  --  lo     lo      0.0.0.0/0            0.0.0.0/0            /* Allow_Loopback */
    0     0 ACCEPT     udp  --  lo     lo      0.0.0.0/0            0.0.0.0/0            /* Allow_Loopback */

Chain OUTPUT (policy ACCEPT 51507 packets, 4357K bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain BLOCKLIST (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    1    40 DROP       all  --  *      *       218.77.79.0/24       0.0.0.0/0           
    0     0 DROP       all  --  *      *       217.12.221.0/24      0.0.0.0/0           
    0     0 DROP       all  --  *      *       198.20.69.0/24       0.0.0.0/0           
    0     0 DROP       all  --  *      *       192.81.130.0/24      0.0.0.0/0           
    0     0 DROP       all  --  *      *       185.56.80.0/24       0.0.0.0/0           
    0     0 DROP       all  --  *      *       162.253.66.0/24      0.0.0.0/0           
    0     0 DROP       all  --  *      *       125.96.160.0/24      0.0.0.0/0           
    0     0 DROP       all  --  *      *       124.232.142.0/24     0.0.0.0/0           
    0     0 DROP       all  --  *      *       93.180.5.0/24        0.0.0.0/0           
    0     0 DROP       all  --  *      *       93.174.93.0/24       0.0.0.0/0           
    0     0 DROP       all  --  *      *       84.200.17.0/24       0.0.0.0/0           
    0     0 DROP       all  --  *      *       78.187.174.0/24      0.0.0.0/0           
    0     0 DROP       all  --  *      *       71.6.216.0/24        0.0.0.0/0           
    0     0 DROP       all  --  *      *       71.6.167.0/24        0.0.0.0/0           
    0     0 DROP       all  --  *      *       71.6.165.0/24        0.0.0.0/0           
    0     0 DROP       all  --  *      *       66.240.236.0/24      0.0.0.0/0           
    0     0 DROP       all  --  *      *       66.240.192.0/24      0.0.0.0/0           
    0     0 DROP       all  --  *      *       66.154.119.0/24      0.0.0.0/0           
    0     0 DROP       all  --  *      *       46.148.130.0/24      0.0.0.0/0           
    0     0 DROP       all  --  *      *       41.135.113.0/24      0.0.0.0/0           

and here is the output of 'host linuxmce.org'
Quote
linuxmce.org has address 193.200.112.137
linuxmce.org mail is handled by 10 mail.linuxmce.org.

and the output of 'ping linuxmce.org' (note that I had to kill the process.. it never stopped)
Quote
PING linuxmce.org (193.200.112.137) 56(84) bytes of data.

--- linuxmce.org ping statistics ---
940 packets transmitted, 0 received, 100% packet loss, time 946511ms


/etc/network/interfaces looks correct:
Quote
#####
# Loopback interface
#####
iface lo inet loopback

#####
# IPv4 network interfaces
#####

# --- External NIC ---
iface eth0 inet dhcp
   pre-up sysctl -q -e -w  net.ipv6.conf.eth0.disable_ipv6=1

# --- Internal NIC ---
iface eth1 inet static
   address 192.168.80.1
   netmask 255.255.255.0
   pre-up sysctl -q -e -w  net.ipv6.conf.eth1.disable_ipv6=1
        # DNS Settings for Internal Net
        dns-nameservers 192.168.80.1
        dns-search LinuxMCE

#####
# Activating interfaces
#####
auto eth0 eth1 lo



Since 'host' command returns a result I know name resolution is working and I can get to the public internet.  Ping returns a name resolution as well, but I do not get any 'ping' results back.   I'm thinking this is something to do with the firewall... but I'm not all that experienced with firewalls to say for certain.

Dennis

Pages: 1 [2] 3 4 ... 19