I deleted the firewall files “K09SuSEfirewall2_init”, “K01SuSEfirewall2_setup”, “S11SuSEfirewall2_setup” and “S01SuSEfirewall2_init” from “/etc/rc.d/rc5.d” in order to disable the firewall when rebooting.
As a consequence all network services are not working. I can’t connect to any other machine nor to the internet.
I rebuilt the symbolic files based on the ones for runlevel 3, but still no network services are available.
Any suggestions how to make it work again? I’m using Suse 11.3.
Show output from when you try to start the network. Next time when you
want to disable the firewall just disable the service from within Yast.
#show output from the following
sudo /etc/init.d/network start
Good luck.
On 11/17/2010 12:06 PM, florian tuerke wrote:
>
> Hi,
>
> I deleted the firewall files “K09SuSEfirewall2_init”,
> “K01SuSEfirewall2_setup”, “S11SuSEfirewall2_setup” and
> “S01SuSEfirewall2_init” from “/etc/rc.d/rc5.d” in order to disable the
> firewall when rebooting.
>
> As a consequence all network services are not working. I can’t connect
> to any other machine nor to the internet.
>
> I rebuilt the symbolic files based on the ones for runlevel 3, but
> still no network services are available.
>
> Any suggestions how to make it work again? I’m using Suse 11.3.
>
> Thanks!!
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
Based on your symptoms I’m skeptical that your network was ever working,
so let’s take a step back and do some basic troubleshooting. Post the
output from the following:
ip addr
ip route
ip -s link
cat /etc/resolv.conf
Next, let’s have the system try to recreate those symlinks properly:
Have the output from the other commands (ping/netcat) as well? Also, I
meant to get all twenty lines from /var/log/firewall, not just the last
one. Sorry for the confusion.
Good luck.
On 11/18/2010 10:36 AM, florian tuerke wrote:
>
> Thats the output:
>
> nauja:~ # ip addr
> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
> inet 127.0.0.2/8 brd 127.255.255.255 scope host secondary lo
> inet6 ::1/128 scope host
> valid_lft forever preferred_lft forever
> 2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast
> state DOWN qlen 1000
> link/ether 20:cf:30:8b:1a:e4 brd ff:ff:ff:ff:ff:ff
> inet 138.4.116.67/25 brd 138.4.116.127 scope global eth0
> 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
> link/ether 00:e0:4c:55:c4:30 brd ff:ff:ff:ff:ff:ff
> nauja:~ # ip route
> 138.4.116.0/25 dev eth0 proto kernel scope link src 138.4.116.67
> 169.254.0.0/16 dev eth0 scope link
> 127.0.0.0/8 dev lo scope link
> default via 138.4.116.1 dev eth0
> nauja:~ # ip -s link
> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> RX: bytes packets errors dropped overrun mcast
> 42699 457 0 0 0 0
> TX: bytes packets errors dropped carrier collsns
> 42699 457 0 0 0 0
> 2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast
> state DOWN qlen 1000
> link/ether 20:cf:30:8b:1a:e4 brd ff:ff:ff:ff:ff:ff
> RX: bytes packets errors dropped overrun mcast
> 0 0 0 0 0 0
> TX: bytes packets errors dropped carrier collsns
> 0 0 0 0 0 0
> 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000
> link/ether 00:e0:4c:55:c4:30 brd ff:ff:ff:ff:ff:ff
> RX: bytes packets errors dropped overrun mcast
> 0 0 0 0 0 0
> TX: bytes packets errors dropped carrier collsns
> 0 0 0 0 0 0
> nauja:~ # cat /etc/resolv.conf
> ### /etc/resolv.conf file autogenerated by netconfig!
> #
> # Before you change this file manually, consider to define the
> # static DNS configuration using the following variables in the
> # /etc/sysconfig/network/config file:
> # NETCONFIG_DNS_STATIC_SEARCHLIST
> # NETCONFIG_DNS_STATIC_SERVERS
> # NETCONFIG_DNS_FORWARDER
> # or disable DNS configuration updates via netconfig by setting:
> # NETCONFIG_DNS_POLICY=’’
> #
> # See also the netconfig(8) manual page and other documentation.
> #
> # Note: Manual change of this file disables netconfig too, but
> # may get lost when this file contains comments or empty lines
> # only, the netconfig settings are same with settings in this
> # file and in case of a “netconfig update -f” call.
> #
> ### Please remove (at least) this line when you modify the file!
> search dmt.upm.es
> nameserver 138.100.4.4
>
> The last line of sudo tail -20 /var/log/firewall gives:
>
> Nov 17 18:26:58 nauja kernel: 402.610171] SFW2-INext-DROP-DEFLT
> IN=eth0 OUT= MAC=20:cf:30:8b:1a:e4:00:1d:60:36:3f:55:08:00
> SRC=138.4.116.74 DST=138.4.116.67 LEN=60 TOS=0x00 PREC=0x00 TTL=64
> ID=20848 DF PROTO=TCP SPT=59645 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
> OPT (020405B40402080A0957A7750000000001030307)
>
>
> I also deleted and added the symlinks of the firewall files as you
> mentioned above and changed the ethernet card to make sure it`s working.
>
> Still no results. But yes, it was working perfectly for about a month
> before I messed up.
>
> Thanks so much!!
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
here you go. Any clues? Really strange. I also tested another ethernet card and cable and socket but still no connection. Also re-installing suse or rescuing it doesn’t work since no network connection can be established. Something really strange must have happened.
nauja:~ # netcat -zv Google 80 Google forward host lookup failed: Host name lookup failure : Resource temporarily unavailable
nauja:~ #
I tried to re-install the whole thing and after putting in the network configuration data in the installation setup this came up: an error occrurred during the network configuration. your network card probably was not recognized by the kernel
as I said before. I already tried a different hardware. Same results.
Hmmm… a couple problems. First, the silly web interface munged up
part of what I sent with the Google URL which is annoying, but not the
worst part. Be sure to copy/paste the commands I sent. I used backticks
in several of the commands and you put in single-quotes and the different
caused several errors that should not have been there when pinging.
The most-interesting thing overall is that google.com could not be
resolved. Your DNS server should have resolved that properly but appears
to have failed which would impact most of your other attempts as well. On
the other hand, pinging 8.8.8.8 also failed. Are you positive that
138.4.116.1 is the correct IP for your router? Also are you sure your
netmask for your network should be /25 instead of /24? Any other boxes on
your network that are working? If so, get their network information and
post it here.
138.4.116.67/25
Good luck.
On 11/19/2010 04:06 AM, florian tuerke wrote:
>
> here you go. Any clues? Really strange. I also tested another ethernet
> card and cable and socket but still no connection. Also re-installing
> suse or rescuing it doesn’t work since no network connection can be
> established. Something really strange must have happened.
>
> nauja:~ # netcat -zv ‘Google’ (http://www.google.com) 80
> ‘Google’ (http://www.google.com forward host lookup failed: Host name
> lookup failure : Resource temporarily unavailable
> nauja:~ #
>
>
>
> nauja:~ # ping -c 2 ‘ip route | grep default | awk ‘{print $2}’’
> ping: unknown host ip route | grep default | awk {print
>
>
> nauja:~ # ping -c 2 google.com
> ping: unknown host google.com
>
>
> nauja:~ # ping -c 2 8.8.8.8
> PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
> From 138.4.116.67: icmp_seq=1 Destination Host Unreachable
> From 138.4.116.67 icmp_seq=1 Destination Host Unreachable
> From 138.4.116.67 icmp_seq=2 Destination Host Unreachable
>
> — 8.8.8.8 ping statistics —
> 2 packets transmitted, 0 received, +3 errors, 100% packet loss, time
> 999ms
> , pipe 2
>
>
> nauja:~ # ping -c 2 ‘grep ‘^nameserver’ /etc/resolv.conf | awk ‘{print
> $2}’ | head -1’
> ping: unknown host grep ^nameserver /etc/resolv.conf | awk {print
>
>
> nauja:~ # sudo tail -20 /var/log/firewall
>
> Nov 17 15:01:13 nauja kernel: [619754.303181] SFW2-INext-DROP-DEFLT
> IN=eth0 OUT= MAC=20:cf:30:8b:1a:e4:00:20:9c:66:58:ce:08:00
> SRC=138.100.223.181 DST=138.4.116.67 LEN=52 TOS=0x00 PREC=0x00 TTL=125
> ID=1775 DF PROTO=TCP SPT=49325 DPT=22 WINDOW=8192 RES=0x00 SYN URGP=0
> OPT (020405B40103030801010402)
> Nov 17 15:01:16 nauja kernel: [619757.300952] SFW2-INext-DROP-DEFLT
> IN=eth0 OUT= MAC=20:cf:30:8b:1a:e4:00:20:9c:66:58:ce:08:00
> SRC=138.100.223.181 DST=138.4.116.67 LEN=52 TOS=0x00 PREC=0x00 TTL=125
> ID=1776 DF PROTO=TCP SPT=49325 DPT=22 WINDOW=8192 RES=0x00 SYN URGP=0
> OPT (020405B40103030801010402)
> Nov 17 15:01:22 nauja kernel: [619763.297082] SFW2-INext-DROP-DEFLT
> IN=eth0 OUT= MAC=20:cf:30:8b:1a:e4:00:20:9c:66:58:ce:08:00
> SRC=138.100.223.181 DST=138.4.116.67 LEN=48 TOS=0x00 PREC=0x00 TTL=125
> ID=1777 DF PROTO=TCP SPT=49325 DPT=22 WINDOW=8192 RES=0x00 SYN URGP=0
> OPT (020405B401010402)
> Nov 17 15:02:07 nauja kernel: [619808.359735] SFW2-INext-DROP-DEFLT
> IN=eth0 OUT= MAC=20:cf:30:8b:1a:e4:00:20:9c:66:58:ce:08:00
> SRC=67.23.248.178 DST=138.4.116.67 LEN=40 TOS=0x00 PREC=0x00 TTL=248
> ID=53130 PROTO=TCP SPT=21 DPT=21 WINDOW=40 RES=0x00 SYN URGP=0
> Nov 17 15:05:11 nauja kernel: [619992.236939] SFW2-INext-DROP-DEFLT
> IN=eth0 OUT= MAC=20:cf:30:8b:1a:e4:00:30:48:78:9e:e1:08:00
> SRC=138.4.116.38 DST=138.4.116.67 LEN=48 TOS=0x00 PREC=0x00 TTL=64
> ID=12590 DF PROTO=TCP SPT=44492 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
> OPT (020405B401030309)
> Nov 17 15:05:14 nauja kernel: [619995.232116] SFW2-INext-DROP-DEFLT
> IN=eth0 OUT= MAC=20:cf:30:8b:1a:e4:00:30:48:78:9e:e1:08:00
> SRC=138.4.116.38 DST=138.4.116.67 LEN=48 TOS=0x00 PREC=0x00 TTL=64
> ID=12591 DF PROTO=TCP SPT=44492 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
> OPT (020405B401030309)
> Nov 17 15:05:20 nauja kernel: [620001.223963] SFW2-INext-DROP-DEFLT
> IN=eth0 OUT= MAC=20:cf:30:8b:1a:e4:00:30:48:78:9e:e1:08:00
> SRC=138.4.116.38 DST=138.4.116.67 LEN=48 TOS=0x00 PREC=0x00 TTL=64
> ID=12592 DF PROTO=TCP SPT=44492 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
> OPT (020405B401030309)
> Nov 17 18:23:29 nauja kernel: 194.536231] SFW2-INext-DROP-DEFLT
> IN=eth0 OUT= MAC=20:cf:30:8b:1a:e4:00:20:9c:66:58:ce:08:00
> SRC=138.100.209.198 DST=138.4.116.67 LEN=52 TOS=0x00 PREC=0x00 TTL=125
> ID=3150 DF PROTO=TCP SPT=49442 DPT=22 WINDOW=8192 RES=0x00 SYN URGP=0
> OPT (020405B40103030801010402)
> Nov 17 18:23:38 nauja kernel: 203.537467] SFW2-INext-DROP-DEFLT
> IN=eth0 OUT= MAC=20:cf:30:8b:1a:e4:00:20:9c:66:58:ce:08:00
> SRC=138.100.209.198 DST=138.4.116.67 LEN=48 TOS=0x00 PREC=0x00 TTL=125
> ID=3193 DF PROTO=TCP SPT=49442 DPT=22 WINDOW=8192 RES=0x00 SYN URGP=0
> OPT (020405B401010402)
> Nov 17 18:24:15 nauja kernel: 239.780550] SFW2-INext-DROP-DEFLT
> IN=eth0 OUT= MAC=20:cf:30:8b:1a:e4:00:1d:60:36:3f:55:08:00
> SRC=138.4.116.74 DST=138.4.116.67 LEN=60 TOS=0x00 PREC=0x00 TTL=64
> ID=48308 DF PROTO=TCP SPT=59642 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
> OPT (020405B40402080A095708410000000001030307)
> Nov 17 18:24:18 nauja kernel: 242.772777] SFW2-INext-DROP-DEFLT
> IN=eth0 OUT= MAC=20:cf:30:8b:1a:e4:00:1d:60:36:3f:55:08:00
> SRC=138.4.116.74 DST=138.4.116.67 LEN=60 TOS=0x00 PREC=0x00 TTL=64
> ID=48309 DF PROTO=TCP SPT=59642 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
> OPT (020405B40402080A09570B2F0000000001030307)
> Nov 17 18:24:24 nauja kernel: 248.765656] SFW2-INext-DROP-DEFLT
> IN=eth0 OUT= MAC=20:cf:30:8b:1a:e4:00:1d:60:36:3f:55:08:00
> SRC=138.4.116.74 DST=138.4.116.67 LEN=60 TOS=0x00 PREC=0x00 TTL=64
> ID=48310 DF PROTO=TCP SPT=59642 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
> OPT (020405B40402080A0957110B0000000001030307)
> Nov 17 18:24:33 nauja kernel: 258.071745] SFW2-INext-DROP-DEFLT
> IN=eth0 OUT= MAC=20:cf:30:8b:1a:e4:00:1d:60:36:3f:55:08:00
> SRC=138.4.116.74 DST=138.4.116.67 LEN=60 TOS=0x00 PREC=0x00 TTL=64
> ID=49162 DF PROTO=TCP SPT=59643 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
> OPT (020405B40402080A09571A240000000001030307)
> Nov 17 18:24:36 nauja kernel: 261.066536] SFW2-INext-DROP-DEFLT
> IN=eth0 OUT= MAC=20:cf:30:8b:1a:e4:00:1d:60:36:3f:55:08:00
> SRC=138.4.116.74 DST=138.4.116.67 LEN=60 TOS=0x00 PREC=0x00 TTL=64
> ID=49163 DF PROTO=TCP SPT=59643 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
> OPT (020405B40402080A09571D120000000001030307)
> Nov 17 18:24:42 nauja kernel: 267.063403] SFW2-INext-DROP-DEFLT
> IN=eth0 OUT= MAC=20:cf:30:8b:1a:e4:00:1d:60:36:3f:55:08:00
> SRC=138.4.116.74 DST=138.4.116.67 LEN=60 TOS=0x00 PREC=0x00 TTL=64
> ID=49164 DF PROTO=TCP SPT=59643 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
> OPT (020405B40402080A095722EE0000000001030307)
> Nov 17 18:25:18 nauja kernel: 303.016667] SFW2-INext-DROP-DEFLT
> IN=eth0 OUT= MAC=20:cf:30:8b:1a:e4:00:1d:60:36:3f:55:08:00
> SRC=138.4.116.74 DST=138.4.116.67 LEN=60 TOS=0x00 PREC=0x00 TTL=64
> ID=49166 DF PROTO=TCP SPT=59643 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
> OPT (020405B40402080A095746160000000001030307)
> Nov 17 18:26:06 nauja kernel: 350.963660] SFW2-INext-DROP-DEFLT
> IN=eth0 OUT= MAC=20:cf:30:8b:1a:e4:00:1d:60:36:3f:55:08:00
> SRC=138.4.116.74 DST=138.4.116.67 LEN=60 TOS=0x00 PREC=0x00 TTL=64
> ID=49167 DF PROTO=TCP SPT=59643 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
> OPT (020405B40402080A095774F60000000001030307)
> Nov 17 18:26:36 nauja kernel: 380.754702] SFW2-INext-DROP-DEFLT
> IN=eth0 OUT= MAC=20:cf:30:8b:1a:e4:00:1d:60:36:3f:55:08:00
> SRC=138.4.116.74 DST=138.4.116.67 LEN=60 TOS=0x00 PREC=0x00 TTL=64
> ID=33526 DF PROTO=TCP SPT=59644 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
> OPT (020405B40402080A095792170000000001030307)
> Nov 17 18:26:39 nauja kernel: 383.749181] SFW2-INext-DROP-DEFLT
> IN=eth0 OUT= MAC=20:cf:30:8b:1a:e4:00:1d:60:36:3f:55:08:00
> SRC=138.4.116.74 DST=138.4.116.67 LEN=60 TOS=0x00 PREC=0x00 TTL=64
> ID=33527 DF PROTO=TCP SPT=59644 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
> OPT (020405B40402080A095795050000000001030307)
> Nov 17 18:26:58 nauja kernel: 402.610171] SFW2-INext-DROP-DEFLT
> IN=eth0 OUT= MAC=20:cf:30:8b:1a:e4:00:1d:60:36:3f:55:08:00
> SRC=138.4.116.74 DST=138.4.116.67 LEN=60 TOS=0x00 PREC=0x00 TTL=64
> ID=20848 DF PROTO=TCP SPT=59645 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
> OPT (020405B40402080A0957A7750000000001030307)
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
well yeah I couldn’t copy and past, since I (here’s the core of the problem) I don’t have any network connection. But I tried all kind of pingings. No repsonse.
Anyways. The DNS seems to be fine, since I pinged other mashines in the network by ID and it didn’t work. The only thing that works is to ping to own mashine. The network mask /25 is correct. Also the router info. Other mashines in the network work perfectly, using IP addresses like 138.4.116.XX
Solution found: hardware problem the ethernet card on the motherboard was broken. We put in a new one as I stated above but did not route it correctly. Now, since we did, it works perfectly fine:
bring the old route down: ifconfig eth0 down
and the new one up: ifconfig eth1 138.4.116.67 netmask 255.255.255.128 up
and route it correctly: route add default gw 138.4.116.1
Thanks anyways for your help!!
Good monday morning feeling.
Saludos de Espana!