• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 233
  • Last Modified:

LINUX Firewall/Router/Wireless Access Point Troubleshoot Effort

I have a LINUX firewall/router server which uses a wireless card as an access point.  This card is successfully delving out DHCP ip addresses to wireless clients.  I'm having trouble getting a samba Server on the same network as the wireless clients.  It connects to another card on this LINUX firewall/router system via a hub.  The LINUX firewall has a network bridge configured at br0.

bridge name     bridge id               STP enabled     interfaces
br0             8000.001346e6250b       no                    ath1
                                                                                eth2
                                                                           
The bridge is br0 is made of ath1, and eth2. ath1 is the wireless card[access point], eth2 is the network card connected to the hub which has the Samba server connected to it. The samba server is getting an IP address:
eth0      Link encap:Ethernet  HWaddr 00:10:5A:01:96:0D
          inet addr: 192.169.0.3  Bcast: 192.169.0.255  Mask:255.255.255.0
But, it can not ping the br0 which is configured as:

br0       Link encap:Ethernet  HWaddr 00:13:46:E6:25:0B
          inet addr:192.169.0.1  Bcast: 192.169.0.255  Mask: 255.255.255.0

Any help you can give us in undstanding why we can not get the Samba server on the network with the wireless XP clients via 192.169.0.0 would greatly be appreciated.  Again, any wireless client picks up a 192.169.0.XXX address and is online just fine.

More info:


Linux Server (Firewall):
ath1      Link encap:Ethernet  HWaddr 00:14:6C:89:44:87
          inet6 addr: fe80::214:6cff:fe89:4487/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:16496 errors:0 dropped:0 overruns:0 frame:0
          TX packets:20112 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1904165 (1.8 Mb)  TX bytes:15290428 ( 14.5 Mb)

br0       Link encap:Ethernet  HWaddr 00:13:46:E6:25:0B
          inet addr:192.169.0.1  Bcast: 192.169.0.255  Mask: 255.255.255.0
          inet6 addr: fe80::213:46ff:fee6:250b/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:14442 errors:0 dropped:0 overruns:0 frame:0
          TX packets:15492 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1618977 (1.5 Mb)  TX bytes:7141959 (6.8 Mb)

eth2      Link encap:Ethernet  HWaddr 00:13:46:E6:25:0B
          inet6 addr: fe80::213:46ff:fee6:250b/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:122429276 errors:0 dropped:0 overruns:0 frame:0
          TX packets:270420109 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:887642421 (846.5 Mb)  TX bytes:2930004281 (2794.2 Mb)
          Interrupt:225 Base address:0xdc00

eth3      Link encap:Ethernet  HWaddr 00:16:EC:69:3C:B5
          inet addr: internet.ip.12.2  Bcast: internet.ip.12.255  Mask:255.255.255.0
          inet6 addr: fe80::216:ecff:fe69:3cb5/64 Scope:Link
          UP BROADCAST NOTRAILERS RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:8140802 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2323611 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:3906504983 (3725.5 Mb)  TX bytes:551977672 (526.4 Mb)
          Interrupt:209 Base address:0xd800

lo        Link encap:Local Loopback
          inet addr: 127.0.0.1  Mask: 255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:23808860 errors:0 dropped:0 overruns:0 frame:0
          TX packets:23808860 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:2245957434 (2141.9 Mb)  TX bytes:2245957434 (2141.9 Mb)

tap0      Link encap:Ethernet  HWaddr CE:3C:1D:1E:3B:41
          inet6 addr: fe80::cc3c:1dff:fe1e:3b41/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:704 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 b)  TX bytes:180832 (176.5 Kb)

wifi0     Link encap:UNSPEC  HWaddr 00-14-6C-89-44-87-00-00-00-00-00-00-00-00-00-00
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:16605879 errors:0 dropped:0 overruns:0 frame:1080636
          TX packets:11432729 errors:65368 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:199
          RX bytes:2162385966 ( 2062.2 Mb)  TX bytes:748681877 (713.9 Mb)
          Interrupt:209 Memory:cf080000-cf090000

Samba Server:

eth0      Link encap:Ethernet  HWaddr 00:10:5A:01:96:0D
          inet addr: 192.169.0.3  Bcast: 192.169.0.255  Mask:255.255.255.0
          inet6 addr: fe80::210:5aff:fe01:960d/64 Scope:Link
          UP BROADCAST NOTRAILERS RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1558 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1304 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:198584 (193.9 Kb)  TX bytes:125200 ( 122.2 Kb)
          Interrupt:9 Base address:0xdf00

lo         Link encap:Local Loopback
          inet addr:127.0.0.1  Mask: 255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:94 errors:0 dropped:0 overruns:0 frame:0
          TX packets:94 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:6804 (6.6 Kb)  TX bytes:6804 (6.6 Kb)
0
danfiggolf
Asked:
danfiggolf
  • 2
1 Solution
 
static-voidCommented:
ath1 doesnt seem to have an IPv4 address associated with it, could this be stopping the bridge working correctly?
0
 
danfiggolfAuthor Commented:
OK my Dad {rookie} sent the first email :)  This is actually how our bridge works, we set all the to be bridged nics to no ip and so you give ifconfig a setting of promisc up which as described by the ifconfig man page means "All packets on the network will be received by the interface."

bridge name     bridge id               STP enabled     interfaces
br0             8000.001346e6250b       no                    ath1
                                                                                  eth2
                                                                                  tap0
As you can see below, ath1, eth2, and tap0 all don't have an IP because they are all in the bridge. br0, the bridge, takes all traffic that comes from the interfaces: ath1, eth2, and tap0 and "bridges" the networks in this way as if they were all on one network card, the configuration of br0 represents this "one network card". Our bridge was constructed using the howto from the OpenVPN site with a small modification that allows three interfaces on the bridge: http://openvpn.net/bridge.html

Your help is greatly appreciated "Team Dad & Son."

Linux Server (Firewall):
br0       Link encap:Ethernet  HWaddr 00:13:46:E6:25:0B
          inet addr:192.169.0.1  Bcast: 192.169.0.255  Mask: 255.255.255.0
          inet6 addr: fe80::213:46ff:fee6:250b/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:14442 errors:0 dropped:0 overruns:0 frame:0
          TX packets:15492 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1618977 (1.5 Mb)  TX bytes:7141959 (6.8 Mb)

ath1      Link encap:Ethernet  HWaddr 00:14:6C:89:44:87
          inet6 addr: fe80::214:6cff:fe89:4487/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:16496 errors:0 dropped:0 overruns:0 frame:0
          TX packets:20112 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1904165 (1.8 Mb)  TX bytes:15290428 ( 14.5 Mb)

eth2      Link encap:Ethernet  HWaddr 00:13:46:E6:25:0B
          inet6 addr: fe80::213:46ff:fee6:250b/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:122429276 errors:0 dropped:0 overruns:0 frame:0
          TX packets:270420109 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:887642421 (846.5 Mb)  TX bytes:2930004281 (2794.2 Mb)
          Interrupt:225 Base address:0xdc00

tap0      Link encap:Ethernet  HWaddr CE:3C:1D:1E:3B:41
          inet6 addr: fe80::cc3c:1dff:fe1e:3b41/64 Scope:Link
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:704 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 b)  TX bytes:180832 (176.5 Kb)
0
 
danfiggolfAuthor Commented:
What we are trying to figure out is, can you have a two network cards on your LINUX firewall: one delivering wireless connectivity and the other physical connections, of which both are supporting the 192.169.0.0 IP?  For we have succeeded in giving all the wireless PCs an IP and they work fine on the network, it's just the computers connected to the LAN based network card are not seeing the network.  They are getting a DHCP IP.
0

Featured Post

A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now