Guarddog blocking packets in the same zone (Linux Security forums, System Security and Security Related category)
I have Slackware running on my network as:

  DHCP server
  Mail server
  DNS server
  Web server
  router with two NICs (internet and LAN); LAN side has NATed addresses
  Guarddog firewall

  Internet -------> Slackware box -------> 16 port switch ------> PCs

My LAN network is 192.168.0.0/24 and I have about 6 devices hooked to it. All works fine.

Recently I added a Linksys WRT54G wireless router. Its network is 192.168.1.0/24. I added this network to the LAN zone on Guarddog and everything is cool EXCEPT it won't allow packets to pass in and out of the same interface between networks, i.e. if I try to run Remote Desktop from a device on the wireless network to a device on the wired network (0.0 to 1.0), Guarddog blocks it with the following written to syslog:

  Dec 7 20:33:45 homer kernel: DROPPED IN=eth1 OUT=eth1 SRC=192.168.0.21 DST=192.168.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=29063 DF PROTO=TCP SPT=3389 DPT=1155 SEQ=125327193 ACK=1586171222 WINDOW=65535 RES=0x00 ACK URGP=0

  eth0 = internet interface
  eth1 = LAN interface

If I disable the firewall, packets are allowed to pass normally. I don't see any way in Guarddog where I can tell it to allow packets in the same zone but different networks to pass. The problem has to be with Guarddog, as when I disable it, everything works fine.

Help!!

Todd
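The syslog line in the post is a standard netfilter LOG record, and the one field that matters here is IN=eth1 OUT=eth1: the kernel routed the packet back out the interface it arrived on, and the generated rule set has no accept rule for that case. The script below is an added example, not code from the thread or from Guarddog: it parses such lines, classifies each drop by chain and by whether it is a same-interface ("hairpin") forward, and for a hairpin between two subnets of the LAN zone prints the iptables commands that would accept that traffic ahead of the generated rules. The first sample line is the one quoted above; the other two are constructed for contrast. The rule text, the subnet list and the "DROPPED" prefix match the post; everything else is the example's own assumption.

```python
import re
from ipaddress import ip_address, ip_network

# Constructed sample input.  The first line is the one quoted in the post above;
# the other two are made-up lines in the same netfilter LOG format: one for a packet
# addressed to the firewall itself (INPUT chain, so OUT= is empty) and one for an
# ordinary LAN-to-internet forward (IN and OUT differ).
SAMPLE_LINES = [
    "Dec 7 20:33:45 homer kernel: DROPPED IN=eth1 OUT=eth1 SRC=192.168.0.21 "
    "DST=192.168.1.100 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=29063 DF PROTO=TCP "
    "SPT=3389 DPT=1155 SEQ=125327193 ACK=1586171222 WINDOW=65535 RES=0x00 ACK URGP=0",
    "Dec 7 20:40:01 homer kernel: DROPPED IN=eth0 OUT= SRC=203.0.113.9 "
    "DST=192.168.0.1 LEN=48 TOS=0x00 PREC=0x00 TTL=52 ID=100 DF PROTO=TCP "
    "SPT=40001 DPT=22 WINDOW=8192 RES=0x00 SYN URGP=0",
    "Dec 7 20:41:12 homer kernel: DROPPED IN=eth1 OUT=eth0 SRC=192.168.0.21 "
    "DST=203.0.113.9 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=101 DF PROTO=TCP "
    "SPT=1200 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0",
]

# The two subnets the post places in Guarddog's LAN zone.
LAN_NETS = ["192.168.0.0/24", "192.168.1.0/24"]

_KV = re.compile(r"(\w+)=(\S*)")
_FLAG_TOKENS = {"DF", "MF", "SYN", "ACK", "FIN", "RST", "PSH", "URG"}


def parse_netfilter_log(line):
    """Parse one kernel netfilter LOG line into a dict of KEY=VALUE fields.

    The log prefix ("DROPPED" here, chosen by the rule set) goes under 'prefix';
    bare tokens such as DF and ACK, which carry no value, go into the 'flags' set.
    An empty value (OUT= on an INPUT-chain log) is kept as the empty string.
    """
    payload = line.split("kernel:", 1)[1].strip() if "kernel:" in line else line
    tokens = payload.split()
    fields = {m.group(1): m.group(2) for m in _KV.finditer(payload)}
    fields["prefix"] = tokens[0] if tokens and "=" not in tokens[0] else ""
    fields["flags"] = {t for t in tokens if t in _FLAG_TOKENS}
    return fields


def classify_drop(fields):
    """Say which chain the packet was in and whether it was a same-interface forward."""
    inp, out = fields.get("IN", ""), fields.get("OUT", "")
    if not out:
        return "input"             # addressed to the firewall host itself
    if not inp:
        return "output"            # generated by the firewall host itself
    if inp == out:
        return "hairpin-forward"   # routed back out the interface it came in on
    return "forward"


def suggest_rules(fields, lan_nets=LAN_NETS):
    """For a hairpin forward between two different LAN subnets, return iptables
    commands (as strings) that accept that traffic in both directions ahead of the
    generated rule set.  Anything else gets no suggestion.

    The rules are deliberately stateless: the logged packet carries ACK but no SYN,
    so if the firewall never saw the connection open, an ESTABLISHED-state match
    would not help.
    """
    if classify_drop(fields) != "hairpin-forward":
        return []
    nets = [ip_network(n) for n in lan_nets]
    src, dst = ip_address(fields["SRC"]), ip_address(fields["DST"])
    src_net = next((n for n in nets if src in n), None)
    dst_net = next((n for n in nets if dst in n), None)
    if src_net is None or dst_net is None or src_net == dst_net:
        return []
    iface = fields["IN"]
    return [
        f"iptables -I FORWARD -i {iface} -o {iface} -s {src_net} -d {dst_net} -j ACCEPT",
        f"iptables -I FORWARD -i {iface} -o {iface} -s {dst_net} -d {src_net} -j ACCEPT",
    ]


if __name__ == "__main__":
    for line in SAMPLE_LINES:
        f = parse_netfilter_log(line)
        print(f"{f['prefix']} {f['SRC']}:{f.get('SPT', '')} -> {f['DST']}:{f.get('DPT', '')} "
              f"IN={f['IN']} OUT={f['OUT']} flags={sorted(f['flags'])} -> {classify_drop(f)}")
        for rule in suggest_rules(f):
            print("   ", rule)
```

Two caveats before typing those rules in. They open the whole of both subnets to each other and bypass whatever per-zone filtering Guarddog does between them, so if only Remote Desktop is needed, narrow them with `-p tcp --dport 3389` (and the matching reply rule). And `-I` only helps if it runs after the generated rule set has been loaded; if Guarddog's script flushes the tables when it is re-applied, the addition has to be re-applied afterwards as well.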
On Fri, 09 Dec 2005 17:58:46 -0800, Todd wrote:

> Internet -------> Slackware box -------> 16 port switch ------> PCs
>
> My LAN network is 192.168.0.0/24 and I have about 6 devices hooked to
> it. All works fine.
>
> Recently I added a Linksys WRT54G wireless router. Its network is
> 192.168.1.0/24. I added this network to the LAN zone on Guarddog and
> everything is cool EXCEPT it won't allow packets to pass in and out of
> the same interface between networks.

Where is the Linksys plugged into on your network above? How is it plugged into your network also?

-- 
Regards
Robert

Smile... it increases your face value!

----== Posted via Newsfeeds.Com - Unlimited-Unrestricted-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! 120,000+ Newsgroups
----= East and West-Coast Server Farms - Total Privacy via Encryption =----
The Linksys is plugged in behind the Linux box into one of the ports on my switch. It is assigned a NATed address on the 0.0 network. The wireless network on the Linksys is 1.0:

  Internet---->Cable modem-->Linux box-->16 port switch-->Linksys

It's not a routing issue, as from the Linux box I can access both networks. I can access the Linux box from the wireless network. I just can't access the LAN from the WIRELESS and vice versa with Guarddog on. When I turn off the firewall everything works 100% as it should. Since the Linksys is connected to the same switch as the LAN PCs, one would think it should work, but since they are on different networks, the packets must be routed via the Linux box and I think that is where Guarddog is having a problem.

I may be 100% incorrect here though...

Todd
On Mon, 12 Dec 2005 07:07:51 -0800, Todd wrote:

> The Linksys is plugged in behind the Linux box into one of the ports on
> my switch. It is assigned a NATed address on the 0.0 network. The
> wireless network on the Linksys is 1.0:
>
> Internet---->Cable modem-->Linux box-->16 port switch-->Linksys
>
> It's not a routing issue, as from the Linux box I can access both
> networks. I can access the Linux box from the wireless network. I just
> can't access the LAN from the WIRELESS and vice versa with Guarddog on.
> When I turn off the firewall everything works 100% as it should. Since
> the Linksys is connected to the same switch as the LAN PCs, one would
> think it should work, but since they are on different networks, the
> packets must be routed via the Linux box and I think that is where
> Guarddog is having a problem.
>
> I may be 100% incorrect here though...

Well, seeing how you are using 192.168.0.0/24 for the LAN and 192.168.1.0/24 for the wireless and they are all connected to the switch, that might be the issue. Why don't you just place everything on the 192.168.0.0/24 subnet? I'm sure your problems will go away. Use the upper addresses for the wireless and the lower ones for the LAN.

You are using 2 different subnets and they are trying to go through a router to get to one another. Guarddog most likely doesn't do any routing from 192.168.0.0 to 192.168.1.0 and that is why when Guarddog is up traffic doesn't pass.

Since I don't know what type of Linksys router you are using I can only guess. Which port on the Linksys are you connecting to the switch? The WAN port or a normal switch port? If the WAN port, then all routing between 192.168.0.0 and 192.168.1.0 is done on the Linksys box and the Linux box shouldn't matter. If a normal switch port, then routing is being done by the Linux box.

-- 
Regards
Robert

Smile... it increases your face value!
I have a Linksys WRT54G.

The Linksys is hooked to the switch via the WAN port. I would have put everything on the same subnet but I can't see any way to make the Linksys act as just an access point and NOT an access point/router.

The route table on the Linksys is:

  Destination LAN IP   Subnet Mask      Gateway       Interface
  192.168.1.0          255.255.255.0    0.0.0.0       LAN & Wireless
  192.168.0.0          255.255.255.0    0.0.0.0       WAN (Internet)
  0.0.0.0              0.0.0.0          192.168.0.1   WAN (Internet)

The route table on the Linux box is:

  Destination     Gateway          Genmask          Flags Metric Ref Use Iface
  192.168.1.0     pool5.xxx.xxx    255.255.255.0    UG    0      0   0   eth1
  192.168.0.0     *                255.255.255.0    U     0      0   0   eth1
  24.xxx.xx.0     *                255.255.248.0    U     0      0   0   eth0
  loopback        *                255.0.0.0        U     0      0   0   lo
  default         cpe-24-xxx-xx-1  0.0.0.0          UG    0      0   0   eth0

Sorry about the wrapping. So in this list anything going to 192.168.1.0/24 uses pool5.xxx.xxx, which is the Linksys.

Thanks for your help!

Todd
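The two route tables make the asymmetric path visible. The following script is an added illustration, not part of the thread: it performs the kernel's longest-prefix lookup over the tables posted above and traces both directions of the Remote Desktop session. It assumes the wired PC's default gateway is the Linux box at 192.168.0.1 (the address the Linksys table names as its own default gateway) and that the Linksys routes 192.168.1.0/24 without NAT, which the static route on the Linux box implies; the masked names pool5.xxx.xxx and cpe-24-xxx-xx-1 are kept as the post's placeholders, and the masked 24.xxx.xx.0 route is left out because its prefix is not recoverable. The client and server addresses are the ones in the logged packet.

```python
from ipaddress import ip_address, ip_network

# Route tables copied from the post above, in `route -n` column order
# (destination, genmask, gateway, interface).  "*" or "0.0.0.0" as gateway means a
# directly connected network.  The masked 24.xxx.xx.0/21 entry is omitted; the
# default route stands in for it here.
LINUX_ROUTES = [
    ("192.168.1.0", "255.255.255.0", "pool5.xxx.xxx",   "eth1"),
    ("192.168.0.0", "255.255.255.0", "*",               "eth1"),
    ("127.0.0.0",   "255.0.0.0",     "*",               "lo"),
    ("0.0.0.0",     "0.0.0.0",       "cpe-24-xxx-xx-1", "eth0"),
]

LINKSYS_ROUTES = [
    ("192.168.1.0", "255.255.255.0", "0.0.0.0",     "LAN & Wireless"),
    ("192.168.0.0", "255.255.255.0", "0.0.0.0",     "WAN"),
    ("0.0.0.0",     "0.0.0.0",       "192.168.0.1", "WAN"),
]

# Assumption: the Linux box's LAN address is the 192.168.0.1 the Linksys uses as
# its default gateway, and the wired PCs use it as theirs too.
LINUX_BOX_LAN_IP = "192.168.0.1"


def lookup(table, dst):
    """Longest-prefix match over a route table; returns (next_hop, iface) or None."""
    dst = ip_address(dst)
    best = None
    for dest, mask, gw, iface in table:
        net = ip_network(f"{dest}/{mask}", strict=False)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gw, iface)
    if best is None:
        return None
    net, gw, iface = best
    next_hop = str(dst) if gw in ("*", "0.0.0.0") else gw   # connected: deliver directly
    return next_hop, iface


def forward_decision(table, ingress, dst):
    """What the forwarding path does with a packet that arrived on `ingress` bound for
    `dst`: egress interface, next hop, and whether it is a hairpin (same interface in
    and out), which is the IN=eth1 OUT=eth1 the syslog line shows."""
    hop = lookup(table, dst)
    if hop is None:
        return {"ingress": ingress, "egress": None, "next_hop": None, "hairpin": False}
    next_hop, egress = hop
    return {"ingress": ingress, "egress": egress, "next_hop": next_hop,
            "hairpin": egress == ingress}


def rdp_paths(wireless_client="192.168.1.100", wired_server="192.168.0.21"):
    """Trace both directions of the Remote Desktop session from the post."""
    # Client -> server: the Linksys has a connected route for 192.168.0.0/24 on its
    # WAN port, so it hands the SYN straight to the server across the switch.
    c2s_hop, c2s_iface = lookup(LINKSYS_ROUTES, wired_server)
    through_linux_box = c2s_hop == LINUX_BOX_LAN_IP
    # Server -> client: the server has no route for 192.168.1.0/24, so the reply
    # goes to its default gateway, the Linux box, and arrives there on eth1.
    s2c = forward_decision(LINUX_ROUTES, "eth1", wireless_client)
    return {
        "client_to_server": {"first_hop": c2s_hop, "iface": c2s_iface,
                             "through_linux_box": through_linux_box},
        "server_to_client": s2c,
    }


if __name__ == "__main__":
    import json
    print(json.dumps(rdp_paths(), indent=2))
```

Read together, the two lookups say that the wireless client's SYN never touches the Linux box, while the server's reply is routed by it, in on eth1 and back out on eth1 towards pool5.xxx.xxx. A stateful FORWARD rule set that never saw the SYN has no connection to match the reply against, which fits the logged packet being an ACK-only segment from port 3389. Any of three changes removes the asymmetry: a static route for 192.168.1.0/24 via the Linksys on the wired hosts (then neither direction crosses the firewall), a stateless same-interface accept rule on the Linux box for traffic between the two subnets, or flattening everything onto one subnet as Robert suggested.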