[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 483: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/bbcode.php on line 112: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4688: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3823)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4690: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3823)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4691: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3823)
[phpBB Debug] PHP Warning: in file [ROOT]/includes/functions.php on line 4692: Cannot modify header information - headers already sent by (output started at [ROOT]/includes/functions.php:3823)
FREESCO Support • View topic - packet forwarding issues from internal network

packet forwarding issues from internal network

Support section for FREESCO v0.4.x

packet forwarding issues from internal network

Postby netllama » Sun Jul 22, 2012 4:48 pm

Greetings,
I'm a long time Freesco user (going on about 10 years now!). I'm currently running v0.4.3, setup as a router between my home's internal network and a DSL connection to the wide open internet. For years, my home network has experienced a strange routing quirk which has mystified me. The issue is as follows:
I run a web server on my home network, and all the IP addresses on this home network are non-routable (10.xxx.xxx.xx). That same webserver is accessible over the internet, with a real, routable (quasi)static IP address (and associated domain name). If any device/system on my home
network attempts to access the webserver, it will timeout & fail 100% of the time. However, if I hard code the non-routable static home network IP of
the webserver in /etc/hosts with the same internet accessible domain name, then any system on my home network can access the webserver just
fine. Note, this is *not* a port issue. I'm able to hit the same apache server port regardless of whether I'm inside the network, or out on the internet.

After some research, it seems like the problem is the Freesco box, which is potentially not forwarding the packets from the internal network back inside the network if they are intended for the web server (rather than something elsewhere on the ineternet).

If I was dealing with a 2.6.x Linux kernel and iptables, I think I'd need to add the following rule on the Freesco box to fix this:
iptables -t nat -I POSTROUTING -o br0 -s 10.0.0.0/24 -d 10.0.0.0/24 -j MASQUERADE

Unfortunately, freesco is an older kernel version which does ipchains (I think), and I'm at a loss how on to deal with this (both the correct command, and where to set it up so that its persistant following a reboot of the freesco box).

thanks in advance for input.
User avatar
netllama
Newbie
 
Posts: 8
Joined: Wed Jul 10, 2002 11:53 am

Re: packet forwarding issues from internal network

Postby Lightning » Tue Jul 24, 2012 7:38 pm

V0.4.4 with the firewall patch would/should resolve this specific issue as I use a similar type of setup.

However with v0.4.3 if you are somewhat capable with the command line and or mc I could tell you how to update the firewall with the newer 0.4.4 firewall in your 0.4.3 system also.

There are also other ways as well to resolve the problem if you want to try and manually fix the problem.

Just let me know how you want to proceed.

P.S. the 2.0.x kernel uses ipfwadm commands.
If you are afraid that you might make a mistake. The chances are high that you will never learn anything.
User avatar
Lightning
FREESCO GOD !!
 
Posts: 12081
Joined: Wed Nov 14, 2001 6:50 am
Location: Oregon, USA

Re: packet forwarding issues from internal network

Postby netllama » Tue Jul 24, 2012 7:43 pm

Thanks for your reply. Yes, I'm fairly competent in a bash shell environment, so if you can explain how to address this in 0.4.3 either by applying the 0.4.4 firewall, or via some other manual method, I'm quite willing to give that a try.

thanks!
User avatar
netllama
Newbie
 
Posts: 8
Joined: Wed Jul 10, 2002 11:53 am

Re: packet forwarding issues from internal network

Postby Lightning » Wed Jul 25, 2012 6:50 pm

If you are afraid that you might make a mistake. The chances are high that you will never learn anything.
User avatar
Lightning
FREESCO GOD !!
 
Posts: 12081
Joined: Wed Nov 14, 2001 6:50 am
Location: Oregon, USA

Re: packet forwarding issues from internal network

Postby netllama » Wed Jul 25, 2012 9:23 pm

Thanks. I installed the new rc_masq in /pkg/rc per your instructions, and restarted it. After testing, nothing changed (same problem persisted).

I think I can switch to the symmetric NAT simply by setting ENAMSQ=s in /etc/system.cfg (at least without requiring a reboot)? If so, I did that, and restarted /pkg/rc/rc_masq again, but again there was no change/improvement. Let me know if I really need to either run setup to make this change or if I must reboot for it to take effect.

Also, I've attached a report generated after I did all of the above. Perhaps it will shed some light on what might be going wrong. I'd be happy if it was user error.

thanks for your help so far.
You do not have the required permissions to view the files attached to this post.
User avatar
netllama
Newbie
 
Posts: 8
Joined: Wed Jul 10, 2002 11:53 am

Re: packet forwarding issues from internal network

Postby Lightning » Wed Jul 25, 2012 10:43 pm

Unfortunately I did not entirely understand the issue until right now. I was assuming the web server was on FREESCO and not an internal machine. Which you did clearly state in your original message after I re-read it and then looked at your iptables rule a LOT closer.

Unfortunately there is no equivalent rule for ipfwadm and FREESCO is not able to re-route a port forward into it's self. The ONLY real solution to handle this problem in FREESCO is to enable the DNS server and add the host names for the server and it's static internal IP address to the /etc/dns.cfg and /boot/etc/dns.cfg files and then use "rc_dns restart". Of course this would also be a lot simpler if your clients were using DHCP so that they were automatically configured for DNS and any other network changes. But you can manually put in FREESCO as the DNS server for the clients.

As a side note, you are correct about editing the system.cfg file with the exception that if you reboot the changes would be lost unless you also copy it to the /boot/etc/ directory afterwards. The /etc/ directory is the ramdisk live and in use files and the /boot/etc/ is the hard drive copies that create the /etc/ versions at boot time.
If you are afraid that you might make a mistake. The chances are high that you will never learn anything.
User avatar
Lightning
FREESCO GOD !!
 
Posts: 12081
Joined: Wed Nov 14, 2001 6:50 am
Location: Oregon, USA

Re: packet forwarding issues from internal network

Postby netllama » Thu Jul 26, 2012 9:25 pm

Thanks. I took your advice, and setup the DNS server with the static internal IP of my web server. Then I reconfigured my dhcp server (running on a Linux box on my internal network) to hand out the DNS server as part of the dhcp lease. Everything works perfectly.

many thanks for your help!
User avatar
netllama
Newbie
 
Posts: 8
Joined: Wed Jul 10, 2002 11:53 am


Return to FREESCO Support for v0.4.x

Who is online

Users browsing this forum: No registered users and 1 guest