[Nottingham] Problems configuring second network card

John@tesco nottingham at mailman.lug.org.uk
Sat Apr 5 09:59:00 2003 

Don't know if this will help but I bought a Zonet ZSR-0104 cable
switcher/router from Compuplus on Mansfield Road for around £60. It can take
4 machines and has a built in firewall, is configurable for DMZ, URL
blocking etc

John
----- Original Message -----
From: "David Luff" <daveluff@ntlworld.com>
To: <nottingham@mailman.lug.org.uk>
Sent: Saturday, April 05, 2003 1:07 AM
Subject: [Nottingham] Problems configuring second network card


> Hi all,
>
> I've been running my machine connected to NTL's broadband for a few weeks
now using the MonMotha firewall script that was recommended on this list
(thanks!).  So far so good.  Now I'm trying to connect another machine
(running 'the other operating system') to a second network card in the Linux
box to be firewalled using NAT.  Unfortunately I'm having desperate problems
configuring the second network card in the Linux box.
>
> At the moment, eth0 is the card connected to the cable modem, that seems
to work OK.
>
> Here is my /etc/network/interfaces:
>
> ........................
>
> # Used by ifup(8) and ifdown(8). See the interfaces(5) manpage or
> # /usr/share/doc/ifupdown/examples for more information.
>
> auto lo
> iface lo inet loopback
>
> auto eth0
> iface eth0 inet dhcp
>
> #auto eth1
> #iface eth1 inet static
> #address 192.168.0.1
> #network 192.168.0.0
> #netmask 255.255.255.0
> #broadcast 192.168.0.255
>
> ........................
>
> The problem is that if I comment out the eth1 lines (which I put in) the
computer siezes up at boot-up on the configuring network section until I
press Ctrl-C, at which point it starts without any networking working.  Is
there something desperately wrong with what I've configured for eth1 there?
>
> The other possiblility that occurs to me is that the second card is
getting detected wrongly - here's the output from dmesg | grep eth0:
>
> eth0: RealTek RTL8139 Fast Ethernet at 0xe096f000, 00:4f:4e:01:e9:f1, IRQ
10
> eth0:  Identified 8139 chip type 'RTL-8139A'
> eth0: Setting 100mbps full-duplex based on auto-negotiated partner ability
45e1.
> eth0: Setting 100mbps full-duplex based on auto-negotiated partner ability
45e1.
> eth0: Setting 100mbps full-duplex based on auto-negotiated partner ability
45e1.
> eth0: Setting 100mbps full-duplex based on auto-negotiated partner ability
45e1.
> eth0: Setting 100mbps full-duplex based on auto-negotiated partner ability
45e1.
>
> and from dmesg | grep eth1:
>
> eth1: ADMtek Comet rev 17 at 0xec00, 00:50:BF:9D:FE:FC, IRQ 11.
>
> The thing is, eth1 is according to the box an SMC1244TX and on the board
has an RTL8139C chipset.  Does the above look plausible for it?  (eth0 is an
RTL8139A as detected).
>
> And finally, FWIW, here's the configuration section from my MonMotha
firewall script that gets run at startup, just in case that's what's causing
things to go wrong...
>
> ................................
> # Main Options
> IPTABLES="/sbin/iptables"
> TCP_ALLOW=""
> UDP_ALLOW="68"
> INET_IFACE="eth0"
> LAN_IFACE="eth1"
> INTERNAL_LAN="192.168.0.0/24 192.168.1.0/24"
> MASQ_LAN="192.168.0.0/24 192.168.1.0/24"
> SNAT_LAN=""
> DROP="REJECT"
> DENY_ALL=""
> DENY_HOSTWISE_TCP=""
> DENY_HOSTWISE_UDP=""
> BLACKHOLE=""
> BLACKHOLE_DROP="DROP"
> ALLOW_HOSTWISE_TCP=""
> ALLOW_HOSTWISE_UDP=""
> TCP_FW=""
> UDP_FW=""
> MANGLE_TOS_OPTIMIZE="FALSE"
> DHCP_SERVER="FALSE"
> BAD_ICMP="5 9 10 15 16 17 18"
> ENABLE="Y"
>
> # Flood Params
> LOG_FLOOD="1/s"
> SYN_FLOOD="20/s"
> PING_FLOOD="1/s"
>
> # Outbound filters
> # FIXME: Update config help wiki then remove one-liner help
> ALLOW_OUT_TCP="" # Internal hosts allowed to be forwarded out on TCP (do
not put this/these host/s in INTERNAL_LAN, but do define their method of
access [snat, masq] if not a public ip)
> PROXY="" # Redirect for Squid or other TRANSPARENT proxy. Syntax to
specify the proxy is "host:port".
> MY_IP="" # Set to the internal IP of this box (with the firewall), only
needed for PROXY=
> ........................
>
> Any help with this would be much appreciated - I'm sort of out of ideas at
this point (apart from ripping the second network card out and trying a
different one!)
>
> Cheers - Dave
>
> _______________________________________________
> Nottingham mailing list
> Nottingham@mailman.lug.org.uk
> http://mailman.lug.org.uk/mailman/listinfo/nottingham
>