Guarddog blocking packets in the same zone - Security


  1. Guarddog blocking packets in the same zone

    I have Slackware running on my network as:

    DHCP server
    Mail server
    DNS Server
    Web Server
    router with two NIC's (internet and LAN) LAN side has NATed addresses
    Guarddog firewall

    Internet -------> Slackware box ------->- 16 port switch ------> PC's

    My LAN network is 192.168.0.0/24 and I have about 6 devices hooked to
    it. All works fine.

    Recently I added a Linksys WRT54G wireless router. Its network is
    192.168.1.0/24. I added this network to the LAN zone on Guarddog and
    everything is cool EXCEPT it won't allow packets to pass in and out of
    the same interface between networks.

    I.E. If I try to run Remote Desktop from a device on the wireless
    network to a device on the wired network (0.0 to 1.0) Guarddog blocks
    it with the following written to syslog:

    Dec 7 20:33:45 homer kernel: DROPPED IN=eth1 OUT=eth1 SRC=192.168.0.21
    DST=192.168.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=29063 DF
    PROTO=TCP SPT=3389 DPT=1155 SEQ=125327193 ACK=1586171222 WINDOW=65535
    RES=0x00 ACK URGP=0

    eth0= internet interface
    eth1= lan interface

    If I disable the firewall, packets are allowed to pass normally. I
    don't see any way in Guarddog where I can tell it to allow packets in
    the same zone but different networks pass.

    The problem has to be with Guarddog as when I disable it, everything
    works fine.

    Help!!

    Todd
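
Added example, not part of the original posts: a short Python parser for the syslog line quoted above, reporting what its kernel fields say about the dropped packet (routed by the box, sent back out the interface it arrived on, between the two LAN-zone subnets, and part of an already open TCP connection). The second log line, the function names and the result keys are constructed for illustration.

```python
import ipaddress

# Log line from the first post, joined back onto one line.
POSTED = ("Dec 7 20:33:45 homer kernel: DROPPED IN=eth1 OUT=eth1 SRC=192.168.0.21 "
          "DST=192.168.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=29063 DF "
          "PROTO=TCP SPT=3389 DPT=1155 SEQ=125327193 ACK=1586171222 WINDOW=65535 "
          "RES=0x00 ACK URGP=0")
# Constructed contrast line (not from the thread): inbound SYN addressed to the box.
CONSTRUCTED = ("Dec 7 20:40:01 homer kernel: DROPPED IN=eth0 OUT= SRC=203.0.113.9 "
               "DST=192.168.0.1 LEN=60 TTL=52 PROTO=TCP SPT=40000 DPT=22 SYN URGP=0")

# The two networks the poster put into the LAN zone.
LAN_ZONE = [ipaddress.ip_network("192.168.0.0/24"),
            ipaddress.ip_network("192.168.1.0/24")]
TCP_FLAGS = {"SYN", "ACK", "FIN", "RST", "PSH", "URG"}


def parse_line(line):
    """Return (KEY=VALUE fields, bare TCP flag tokens) from a netfilter log line."""
    fields, flags = {}, set()
    for token in line.split():
        key, sep, value = token.partition("=")
        if sep:
            fields[key] = value
        elif token in TCP_FLAGS:
            flags.add(token)
    return fields, flags


def classify(line, zone=LAN_ZONE):
    """Describe where a dropped packet sits relative to the router and its zone."""
    fields, flags = parse_line(line)
    src = ipaddress.ip_address(fields["SRC"])
    dst = ipaddress.ip_address(fields["DST"])
    src_net = next((n for n in zone if src in n), None)
    dst_net = next((n for n in zone if dst in n), None)
    # Both IN and OUT set: the box was forwarding the packet, not receiving it.
    routed = bool(fields.get("IN") and fields.get("OUT"))
    return {
        "routed": routed,
        "same_interface": routed and fields["IN"] == fields["OUT"],
        "cross_subnet_in_zone": (src_net is not None and dst_net is not None
                                 and src_net != dst_net),
        # ACK without SYN: a packet from an already open TCP connection.
        "mid_connection": (fields.get("PROTO") == "TCP"
                           and "ACK" in flags and "SYN" not in flags),
        "sport": int(fields["SPT"]),
    }
```

For the posted line every flag comes back true with source port 3389, so the dropped packet is traffic coming back from the Remote Desktop host rather than a new connection attempt.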


  2. Re: Guarddog blocking packets in the same zone

    On Fri, 09 Dec 2005 17:58:46 -0800, Todd wrote:

    > Internet -------> Slackware box ------->- 16 port switch ------> PC's
    >
    > My LAN network is 192.168.0.0/24 and I have about 6 devices hooked to
    > it. All works fine.
    >
    > Recently I added a Linksys WRT54G wireless router. Its network is
    > 192.168.1.0/24. I added this network to the LAN zone on Guarddog and
    > everything is cool EXCEPT it won't allow packets to pass in and out of
    > the same interface between networks.


    Where is the Linksys plugged into on your network above? How is it
    plugged into your network also?


    --

    Regards
    Robert

    Smile... it increases your face value!


    ----== Posted via Newsfeeds.Com - Unlimited-Unrestricted-Secure Usenet News==----
    http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups
    ----= East and West-Coast Server Farms - Total Privacy via Encryption =----

  3. Re: Guarddog blocking packets in the same zone

    The Linksys is plugged in behind the Linux box into one of the ports on
    my switch. It is assigned a NATed address on the 0.0 network. The
    wireless network on the Linksys is 1.0:

    Internet---->Cable modem-->Linux box-->16 port switch-->Linksys

    It's not a routing issue as from the Linux box I can access both
    networks. I can access the Linux box from the wireless network. I just
    can access the LAN from the WIRELESS and vice versa with Guarddog on.
    When I turn off the firewall everything works 100% as it should. Since
    the Linksys is connected to the same switch as the LAN PC's, one would
    think it should work but since they are on different networks, the
    packets must be routed via the Linux box and I think that is where
    Guarddog is having a problem.

    I may be 100% incorrect here though...

    Todd


  4. Re: Guarddog blocking packets in the same zone

    I have a Linksys WRT54G.

    The Linksys is hooked to the switch via the WAN port. I would have put
    everything on the same subnet but I can't see any way to make the
    Linksys act as just an access point and NOT an access point/router.

    The route table on the Linksys is:

    Destination LAN IP   Subnet Mask     Gateway       Interface
    192.168.1.0          255.255.255.0   0.0.0.0       LAN & Wireless
    192.168.0.0          255.255.255.0   0.0.0.0       WAN (Internet)
    0.0.0.0              0.0.0.0         192.168.0.1   WAN (Internet)

    The route table on the Linux box is:

    Destination   Gateway           Genmask         Flags  Metric  Ref  Use  Iface
    192.168.1.0   pool5.xxx.xxx     255.255.255.0   UG     0       0    0    eth1
    192.168.0.0   *                 255.255.255.0   U      0       0    0    eth1
    24.xxx.xx.0   *                 255.255.248.0   U      0       0    0    eth0
    loopback      *                 255.0.0.0       U      0       0    0    lo
    default       cpe-24-xxx-xx-1   0.0.0.0         UG     0       0    0    eth0

    Sorry about the wrapping.

    So in this list anything going to 192.168.1.0/24 uses pool5.xxx.xxx
    which is the Linksys.

    Thanks for your help!

    Todd


  5. Re: Guarddog blocking packets in the same zone

    On Mon, 12 Dec 2005 07:07:51 -0800, Todd wrote:

    > The Linksys is plugged in behind the Linux box into one of the ports on
    > my switch. It is assigned a NATed address on the 0.0 network. The
    > wireless network on the Linksys is 1.0:
    >
    > Internet---->Cable modem-->Linux box-->16 port switch-->Linksys
    >
    > It's not a routing issue as from the Linux box I can access both
    > networks. I can access the Linux box from the wireless network. I just
    > can access the LAN from the WIRELESS and vice versa with Guarddog on.
    > When I turn off the firewall everything works 100% as it should. Since
    > the Linksys is connected to the same switch as the LAN PC's, one would
    > think it should work but since they are on different networks, the
    > packets must be routed via the Linux box and I think that is where
    > Guarddog is having a problem.
    >
    > I may be 100% incorrect here though...


    Well seeing how you are using 192.168.0.0/24 for the LAN and
    192.168.1.0/24 for the Wireless and they are all connected to the switch
    that might be the issue. Why don't you just place everything on the
    192.168.0.0/24 subnet and I'm sure your problems will go away. Use the
    upper addresses for the wireless and the lower one for the LAN.

    You are using 2 different subnets and they are trying to go through a
    router to get to one another. Guarddog most likely doesn't do any
    routing from 192.168.0.0 to 192.168.1.0 and that is why when Guarddog is
    up traffic doesn't pass.

    Since I don't know what type of Linksys router you are using I can
    only guess. Which port on the Linksys are you connecting to the switch?
    The wan port or a normal switch port? If the WAN port then all routing
    between 192.168.0.0 and 192.168.1.0 is done on the Linksys box and the
    linux box shouldn't matter. If a normal switch port then routing is being
    done by the linux box.


    --

    Regards
    Robert

    Smile... it increases your face value!

