News: This forum is now permanently frozen.
Pages: [1]
Topic: m0n0wall problem...  (Read 2478 times)
« on: January 17, 2008, 01:28:58 »
coca *
Posts: 11

I have a problem with my m0n0wall, I have a pppoe connection and my ISP has set TTL to 1. I have enabled the IPSTEALTH <shellcmd>sysctl net.inet.ip.stealth=1</shellcmd> on my router (old PC with 2 NIC) and spoofed the mac, and everything was working fine, untill I upgraded the firmware to the latest beta one...from then the internet is not working on my PC, it says (connecting to www.google.com).
 
(Fortunately I had backed up the configuration file when it was working fine)
 
Then I uploaded it(my xml file) on my beta version and its the same, internet isnt working.
 
I also tried to downgrade to a official version and then uploaded my xml configuration but again internet is not working on my PC! it just says as I said "connection to www.google.com"
 
My installation: ISP modem-->m0n0wall (old PC with 2 NIC)-->Switch-->PC1, PC2
 
I can access my router fine @ 192.168.0.1
 
Cliffs:
internet was working fine until I upgrated the firmware.
Tried the latest beta version with uploaded XML file (the one I saved when it was working fine)
Tried the latest non beta vers. with XML file...didnt work!
 
Thank you for your help.
 
here is my saved XML file which was working fine:
 
<?xml version="1.0" ?>

- <m0n0wall>
  <version>1.6</version>
  <lastchange>1197999693</lastchange>
- <system>
  <hostname>m0n0wall</hostname>
  <domain>local</domain>
  <dnsallowoverride />
  <username>admin</username>
  <password>$1$2xDRT75j$W/jiJc00HYMGX7kFjxjQv0</password>
  <timezone>Etc/UTC</timezone>
  <time-update-interval>300</time-update-interval>
  <timeservers>pool.ntp.org</timeservers>
- <webgui>
  <protocol>http</protocol>
  <port />
  </webgui>
  <shellcmd>sysctl net.inet.ip.stealth=1</shellcmd>
  </system>
- <interfaces>
- <lan>
  <if>xl0</if>
  <ipaddr>192.168.0.1</ipaddr>
  <subnet>24</subnet>
  <media />
  <mediaopt />
  </lan>
- <wan>
  <if>fxp0</if>
  <mtu>1492</mtu>
  <blockpriv />
  <media />
  <mediaopt />
  <spoofmac>00:01:E4:C2:35:61</spoofmac>
  <ipaddr>pppoe</ipaddr>
  </wan>
  </interfaces>
  <staticroutes />
- <pppoe>
  <username>username</username>
  <password>123456</password>
  <provider />
  <timeout />
  </pppoe>
  <pptp />
  <bigpond />
- <dyndns>
  <type>dyndns</type>
  <username />
  <password />
  <host />
  <mx />
  <server />
  <port />
  </dyndns>
  <dnsupdate />
- <dhcpd>
- <lan>
- <range>
  <from>192.168.0.100</from>
  <to>192.168.0.200</to>
  </range>
  <enable />
  </lan>
  </dhcpd>
- <pptpd>
  <mode />
  <redir />
  <localip />
  <remoteip />
  </pptpd>
- <dnsmasq>
  <enable />
  </dnsmasq>
- <snmpd>
  <syslocation />
  <syscontact />
  <rocommunity>public</rocommunity>
  </snmpd>
- <diag>
- <ipv6nat>
  <ipaddr />
  </ipv6nat>
  </diag>
  <bridge />
  <syslog />
  <nat />
- <filter>
- <rule>
  <type>pass</type>
  <descr>Default LAN -> any</descr>
  <interface>lan</interface>
- <source>
  <network>lan</network>
  </source>
- <destination>
  <any />
  </destination>
  </rule>
  </filter>
  <shaper />
  <ipsec />
  <aliases />
  <proxyarp />
  <wol />
  </m0n0wall>



I assume, TTL of packets passing through the m0n0wall still decrements eventhough I have put <shellcmd>sysctl net.inet.ip.stealth=1</shellcmd>  in XML file? Maybe there something I am missing to put/change?

As it says "connection to www.google.com" and after a while "the page cannot be displayed"
« Last Edit: January 17, 2008, 20:58:48 by coca »
« Reply #1 on: January 17, 2008, 02:04:35 »
coca *
Posts: 11

This is what I just came through...I just tried to connect with a friend's username and password put it on m0n0, got his mac, spoofed it and it connected to the internet! Once I put back my username and pass and the mac address, it wont connect to the internet!

Cliff:
configurations is good,
friends username and pass, connect to the internet fine (after spoofed mac)
my username and pass, wont connect to the internet!

Im wonderin if ISP know, Im using a router?

BTW if I connect my modem directry to PC the same username and pass works fine! When I put them on router it wont work!
« Last Edit: January 17, 2008, 02:07:24 by coca »
« Reply #2 on: January 17, 2008, 19:36:43 »
Manuel Kasper
Administrator
*****
Posts: 364

The FreeBSD 6.x-based beta versions (1.3b*) don't include the IPSTEALTH option in the kernel config, which is now required for the net.inet.ip.stealth sysctl. I'll consider putting it in the kernel config for the next beta release.
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines