Tag Archives: smoothwall

IPv6: The Way Of The Future

Posted on by
Reply

Tonight I set up IPv6 on my home network. While it feeds a house of 5, only 1 will notice any difference whatsoever!

Basically I loaded the IPv6 HomeBrew customization for SmoothWall (See the forums at community.smoothwall.org), and got myself an IPv6 block (/64) assigned and a tunnel to use it through (see Hurricane Electric, or TunnelBroker). I’ve set up Yoda (smoothwall), Telly (Debian) and Big Bird (macbook) to use IPv6 addresses and so far everything works wonderfully. It still relies on my router as a SPOF, but they have their own world-accessable IP(v6) addresses. I guess I should work on firewalls etc..

If anyone is interested in testing my IPv6 IRC server, it’s linked to the United Christian Chat Network and is accessible at ipv6.i-al.net! (6667 for standard, 6697 for SSL)

Brawling with iptables

Posted on by
1

I’ve been fighting for the last couple of days with iptables on my smoothwall machine, and I’m not sure where to turn next – might need to visit a forum or an IRC channel or something on the subject..

Anyway, at this point I have given telly a second IP, locked the webserver to one side and set up an iptables redirect from port 80 to 3128 (squid) on the other IP only, this tests fine, no problems, perfect.

The problem now lies purely on the smoothwall box.

I keep running in to RTNETLINK errors, and can’t figure out how to get around them.

yoda (root) / $ /usr/sbin/ip route add default via 192.168.1.5 dev eth0 table proxy
RTNETLINK answers: File exists
yoda (root) / $ /usr/sbin/ip route add default via 192.168.1.5 dev eth0 table 200
RTNETLINK answers: File exists
yoda (root) / $ /usr/sbin/ip route add default via 192.168.1.5 dev eth0 table 201
RTNETLINK answers: File exists

I’m pretty sure it’s a kernel module, but basically I’ve been sampling off some instructions I found to make this work and trying to debug as best I can, and it’s just not working:

yoda (root) / $ /sbin/iptables -t mangle -A PREROUTING -j ACCEPT -p tcp –dport 80 -s 192.168.1.5
yoda (root) / $ /sbin/iptables -t mangle -A PREROUTING -j MARK –set-mark 3 -p tcp –dport 80
getsockopt failed strangely: No such file or directory
yoda (root) / $ /usr/sbin/ip rule add fwmark 3 table 2
RTNETLINK answers: Invalid argument
yoda (root) / $ /usr/sbin/ip route add default via 192.168.1.5 dev eth0 table 2
RTNETLINK answers: File exists

I’m lost at this point, and not sure which direction to look next. I found that xt_mark.ko wasn’t loaded and having loaded it it got me to these errors, but I’m not sure which way to go..

Twiddle Broke the Interwebs

Posted on by
Reply

brokeYep, I broke the interwebs. I messed up a firewall script on the smoothwall box while trying to make the proxy transparent (and failed, I might need to ask for some assistance on this one..) and the internet stopped. Not a huge deal, needed to reboot the router which wasn’t a major issue, but while I was gone trying to make it work without a restart Kelly made the picture on the righ left of me with the “interwebs” that I had pulled apart and broken..

Asked her to send it to me so I could post for the humor value.

Triumph and Tragedy

Posted on by
Reply

Triumph: Mostly installed qmail on Mack’s newly reinstalled server, rhapsody. A few things to finish off today.

Triumph: Installed and configured a second private hub for UCCN, hub02. Will install backup services at a later date.

Triumph: Kelly put in a job application yesterday, and another will go in tomorrow.

Triumph: The package of stuff from New Zealand arrived today, albeit slightly beaten up from its travels.

Triumph: Shaved.

Triumph: Received most of the outstanding eBay items purchased up until last week.

Triumph: Got the new router installed and running smoothly. Could use a RAM upgrade, but that will come in time.

Tragedy: A bump while drinking water last night resulted in a spill occuring directly above the macbook. It was quickly shut down, but after being left 24 hours or so, it won’t turn on. Leaving it beside the heater for another 48 or so to see if this changes anything, but my hopes are not high.

In Keeping With Regularity

Posted on by
Reply

This is another boring post. Just for your warning.

Today my 3com cards arrived. These are two identical network cards (linux compatible) that I will be putting in my new Compaq that should arrive Friday.

“Ah, my birthday. Normally I’d put on a festive hat and celebrate the fact that the Earth has circled the Sun one more time; I really didn’t think it was going to make it this year, but darn it if it wasn’t the little planet that could all over again.” — Gregory House M.D.

No, it’s not my birthday, just working on the first two seasons of House, currently on season 1, episode 7. Last episode was House’s birthday, and had several amusing quotes – only that one related to his birthday.

“Turns out your best judgement isn’t good enough. Next time, use mine.”

“He’s really talking to a patient?” “I don’t know who I am anymore..”

“Clearly you’re not interested!” “Oh, I’m interested, I’m interested in how voices in the head are affected by mal-position of the uterus.”