several network problems after 0.4.3 upgrade

Support section for FREESCO v0.4.x

several network problems after 0.4.3 upgrade

Postby netllama » Sun May 08, 2011 6:14 pm

Greetings,
I'm a long time FreeSCO user (about 7.5 years). I just upgraded from 0.3.4 to 0.4.3 (yea, I know, it took a while to get motivated when everything was working perfectly). Anyway, most everything appears to be working well in 0.4.3 except for three glaring problems (which may be related):

1) Port forwarding is (silently) failing to work. Here's the current content of /etc/portfw.cfg :
Code: Select all
tcp,222,22,10.0.0.1   
tcp,6881,-6889,10.0.0.1   
tcp,48691,48691,10.0.0.1   
udp,48691,48691,10.0.0.1   
tcp,443,443,10.0.0.1   
udp,6881,-6889,10.0.0.1   
tcp,444,22,10.0.0.254


All of this worked perfectly in 0.3.4, but now if I attempt to access any of those ports, I always get a refused connection. If I boot off of my old 0.3.4 floppy, then all the ports are accessible again.

2) I'm seeing the following error immediately after bootup, and also if I manually restart the masquerading service:
Code: Select all
[root@router] rc_masq restart
NAT and firewalling is enabled...            ipfwadm: invalid port/service "10.0.0.10"
BusyBox v0.60.7-Freesco-043 (10/29/2010) multi-call binary

Usage: ipfwadm  -A accounting
      -F forwarding
      -I input
      -O output
      -M masquerading
      -h help



ipfwadm: invalid port/service "10.0.0.10"
BusyBox v0.60.7-Freesco-043 (10/29/2010) multi-call binary

Usage: ipfwadm  -A accounting
      -F forwarding
      -I input
      -O output
      -M masquerading
      -h help



                                             Done


This I actually figured out, but I think I still found a bug. The problem is caused by the ssh daemon configuration. In setup, there's a step where it says that the daemon can be bound to a specific IP, in addition to specifying the port number, and to enter it with the format "IP ADDRESS:PORT#". So I entered "10.0.0.10:22". Clearly that isn't working, and when I change it back to just the port number (22), then the error is gone. Perhaps i've misunderstood how I'm supposed to specify the IP?

3) After (re)booting FreeSCO, everything on the network behind the FreeSCO box (it has two NICs, one facing my DSL modem, the other facing everything else on my home network), cannot connect to the internet (100% packet loss, including DNS queries). I can connect to the FreeSCO box (via both ssh & web) from inside my network, so it looks like the packets are somehow getting blocked or dropped on the FreeSCO box. If I restart the firewall on the FreeSCO box, then everything works fine again, until I reboot the FreeSCO box.

many thanks in advance!
User avatar
netllama
Newbie
 
Posts: 8
Joined: Wed Jul 10, 2002 11:53 am

Re: several network problems after 0.4.3 upgrade

Postby netllama » Sun May 08, 2011 6:36 pm

I just figured out the first problem (port forwarding not working). Somehow, I never enabled 'Port Forwarding'. What made this so confusing is via the web admin interface, I see:
Code: Select all
List Add Delete RST OFF


which never gave me any indication that it wasn't enabled (especially the 'OFF' option). So I guess this was user error, but the web UI made it unintuitively confusing.

At this point, the biggest remaining issue is with the need to reset the firewall after every reboot.
User avatar
netllama
Newbie
 
Posts: 8
Joined: Wed Jul 10, 2002 11:53 am

Re: several network problems after 0.4.3 upgrade

Postby netllama » Sun May 08, 2011 7:04 pm

Sorry, I forgot to include a report (attached now)
You do not have the required permissions to view the files attached to this post.
User avatar
netllama
Newbie
 
Posts: 8
Joined: Wed Jul 10, 2002 11:53 am

Re: several network problems after 0.4.3 upgrade

Postby Lightning » Sun May 08, 2011 8:17 pm

The singular difference between the two reports is the external IP address. Which if that changes the firewall should automatically restart. However there has been in the past issues with timing on the rc_masq script and if the PPP connection hits things just right then the firewall can end up somewhere in limbo. I thought that this had been resolved with some additions to the firewall killing previous running versions of it's self. But possibly there is something else going on with your machine and or ISP. The only simple solution is to do the following
edit /rc/rc_user
Code: Select all
$star)  fn $0 $1 $ST
        rc_masq $rest >/dev/null
        = $?


But I would be interested in seeing the output of this command before the above change is made right after a reboot.
netinfo >/boot/report.txt
rc_masq restart
netinfo >/boot/report-1.txt


As for the link of the SSH server to a single address. That option does NOT apply to the default port. It only applies if you are adding secondary or tertiary ports with the "-p IP:port" as the option. However this is displayed in a manor that is a bug and I will correct this so that the IP can be set on the primary port as well in 0.4.4 along with the fact that the IP: is optional and not required.
If you are afraid that you might make a mistake. The chances are high that you will never learn anything.
User avatar
Lightning
FREESCO GOD !!
 
Posts: 12080
Joined: Wed Nov 14, 2001 6:50 am
Location: Oregon, USA

Re: several network problems after 0.4.3 upgrade

Postby netllama » Sun May 08, 2011 8:57 pm

Lightning wrote:The singular difference between the two reports is the external IP address. Which if that changes the firewall should automatically restart. However there has been in the past issues with timing on the rc_masq script and if the PPP connection hits things just right then the firewall can end up somewhere in limbo. I thought that this had been resolved with some additions to the firewall killing previous running versions of it's self. But possibly there is something else going on with your machine and or ISP. The only simple solution is to do the following
edit /rc/rc_user
Code: Select all
$star)  fn $0 $1 $ST
        rc_masq $rest >/dev/null
        = $?


But I would be interested in seeing the output of this command before the above change is made right after a reboot.
netinfo >/boot/report.txt
rc_masq restart
netinfo >/boot/report-1.txt



Confirmed, the change above fixes it without any other manual intervention. Thanks! I've attached the two logs that you requested as well.

Lightning wrote:As for the link of the SSH server to a single address. That option does NOT apply to the default port. It only applies if you are adding secondary or tertiary ports with the "-p IP:port" as the option. However this is displayed in a manor that is a bug and I will correct this so that the IP can be set on the primary port as well in 0.4.4 along with the fact that the IP: is optional and not required.


Ah, ok, thanks for clarifying, and thanks for fixing this in the next release!
You do not have the required permissions to view the files attached to this post.
User avatar
netllama
Newbie
 
Posts: 8
Joined: Wed Jul 10, 2002 11:53 am

Re: several network problems after 0.4.3 upgrade

Postby Lightning » Sun May 08, 2011 11:19 pm

As suspected the broken firewall and forwarding rules are non existent. So for some reason it is being terminated in the background before it finishes or somewhere when the ISP is assigning the IP. At this point I am doubtful there is a better solution to fixing your specific problem other than restarting the firewall in the rc_user script automatically.
If you are afraid that you might make a mistake. The chances are high that you will never learn anything.
User avatar
Lightning
FREESCO GOD !!
 
Posts: 12080
Joined: Wed Nov 14, 2001 6:50 am
Location: Oregon, USA

Re: several network problems after 0.4.3 upgrade

Postby acelere » Mon May 09, 2011 5:52 pm

Hi Lightning,

My 0.4.3 box starts OK, but after some time, it stops the packet routing...
I can ssh to it from the lan and when I try to ping something, it wont go.

I know this is too little info, so what commands / reports could I generate to help debug?

Before I end, my KUDOS to you for this great, great piece of art.
User avatar
acelere
Newbie
 
Posts: 4
Joined: Thu Oct 21, 2004 7:00 pm

Re: several network problems after 0.4.3 upgrade

Postby Lightning » Mon May 09, 2011 8:25 pm

As previously with the "netinfo" command. The best solution in trying to figure out what is wrong will be to take a report with the system running fine and then a second report with "netinfo" while it is broken. What could be happening is that your ISP has a specific lease cycle and during the update to your IP something is going wrong and again it could easily be in the firewall. So something to try when it is acting up is to try a manual restart of the firewall (rc_masq restart).
If you are afraid that you might make a mistake. The chances are high that you will never learn anything.
User avatar
Lightning
FREESCO GOD !!
 
Posts: 12080
Joined: Wed Nov 14, 2001 6:50 am
Location: Oregon, USA

Re: several network problems after 0.4.3 upgrade

Postby acelere » Mon May 16, 2011 7:03 pm

Ok Lighting, I will do. Thing is I am travelling a bit, so it might take a few days. Thanks!
User avatar
acelere
Newbie
 
Posts: 4
Joined: Thu Oct 21, 2004 7:00 pm


Return to FREESCO Support for v0.4.x

Who is online

Users browsing this forum: No registered users and 7 guests

cron