Date: Tue, 14 Dec 2010 08:17:29 -0800 (PST) From: "Justin V." <vic@yeaguy.com> To: Da Rock <freebsd-questions@herveybayaustralia.com.au> Cc: freebsd-questions@freebsd.org Subject: Re: pls help.. Message-ID: <alpine.BSF.2.00.1012140817090.2049@yeaguy.com> In-Reply-To: <4D076635.1070608@herveybayaustralia.com.au> References: <alpine.BSF.2.00.1012140109250.2166@yeaguy.com> <4D076635.1070608@herveybayaustralia.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 14 Dec 2010, Da Rock wrote:
> On 12/14/10 19:54, Justin V. wrote:
>> Hi,
>>
>> I am having a very difficult time understanding what is going on with this
>> FreeBSD machine..
>>
>> I was having inet trouble so i put in a new router on my network (home
>> network)..
>>
>> I have a FreeBSD machine on my network:
>>
>> FreeBSD yeaguy.com 8.1-RELEASE FreeBSD 8.1-RELEASE #3: Thu Nov 4 20:43:41
>> PDT 2010 vic@yeaguy.com:/usr/obj/usr/src/sys/HBCA i386
>>
>>
>> I have windows machines on my network..
>>
>>
>> One of my windows machines is my laptop and I connect directly to the
>> router via WIFI without any trouble at all... I can browse any website
>> without complaint.
>>
>> My FreeBSD system connects to my WIFI router just fine as well.. I am
>> seeing troubles browsing the inet with my FreeBSD machine (Xorg and opera)
>> Pulling up Google.com can take up to 30s..
>>
>> My Other windows machine is using the FreeBSD as its gateway, I am running
>> ipnat. This pc suffers from the same issues as the FreeBSD box..
>>
>> I configured the new router with the same ssid and wepkey.. so minimal
>> adjustments would have to be made for other WIFI users in the house..
>> Everyone is fine except me...
>>
>> My server is fine as far as my Website is concerned.. I changed my DNS with
>> my host to point to my new WAN IP.. I can pull my page fine.. I can ssh to
>> my server fine from my phone, phones ip is from my Phones netowrk.. this is
>> not being done via WIFI on my phone..
>>
>> So my Nat'd WIN PC and my FreeBSD Xorg cannot browse the internet like it
>> used to.. 30s to 40s to pull up google is just unacceptable, when I have my
>> laptop sitting here using the same WIFI router pulling it up in about
>> 3ms...
>>
>> Another odd symptom I am seeing is that when i issue the command 'alpine'
>> to check my email, it hangs for a good 30s.... So in my mind, Im thinking,
>> what changed?? My router and my Public IP.. thats it.. its almost like I
>> have my OLD WAN ip hardcoded somewhere causing a conflict.. I cannot find
>> it hardcoded anywhere..
>>
>> Heres an example of what im seeing:
>>
>> [vic@yeaguy ~]$ ping google.com
>> PING google.com (72.14.204.147): 56 data bytes
>> 64 bytes from 72.14.204.147: icmp_seq=0 ttl=52 time=85.460 ms
>> 64 bytes from 72.14.204.147: icmp_seq=1 ttl=52 time=85.152 ms
>> 64 bytes from 72.14.204.147: icmp_seq=2 ttl=52 time=84.048 ms
>> 64 bytes from 72.14.204.147: icmp_seq=3 ttl=52 time=82.442 ms
>> ^C
>> --- google.com ping statistics ---
>> 4 packets transmitted, 4 packets received, 0.0% packet loss
>> round-trip min/avg/max/stddev = 82.442/84.275/85.460/1.182 ms
>>
>>
>> [vic@yeaguy ~]$ telnet google.com 80
>> Trying 72.14.204.147...
>> Connected to google.com. <it hung here for alot longer than 85ms>
>> Escape character is '^]'.
>> ^]
>> telnet> q
>> Connection closed.
>> [vic@yeaguy ~]$
>>
>>
>> I am unable to browse to nytimes.com via FreeBSD Opera browser or WIN PC
>> that is using the FreeBSD as the gateway, but I can telnet to it on tcp
>> port 80 just fine..
>>
>> [vic@yeaguy ~]$ telnet nytimes.com 80
>> Trying 199.239.136.200...
>> Connected to nytimes.com.
>> Escape character is '^]'.
>> get
>> <HTML><HEAD><TITLE>Bad request</TITLE></HEAD>
>> <BODY><H1>Bad request</H1>
>> Your browser sent a query this server could not understand.
>> </BODY></HTML>Connection closed by foreign host.
>> [vic@yeaguy ~]$
>>
>>
>> Heres some config files:
>>
>>
>> [vic@yeaguy ~]$ cat /etc/rc.conf
>> wlans_rum0="wlan0"
>> gateway_enable="YES"
>> ifconfig_wlan0="inet 192.168.1.169 netmask 255.255.255.0 ssid vicnet
>> wepmode on weptxkey 1 wepkey 1:0xF4AE43E9BA description WIFI"
>> defaultrouter="192.168.1.1"
>> apache22_enable="YES"
>> hald_enable="YES"
>> dbus_enable="YES"
>> samba_enable="YES"
>> nmbd_enable="YES"
>> smbd_enable="YES"
>> winbindd_enable="YES"
>> hostname="yeaguy.com"
>> ifconfig_em0="inet 10.1.1.1 netmask 255.255.255.0 broadcast 10.1.1.255
>> description LAN"
>> inetd_enable="YES"
>> linux_enable="YES"
>> sshd_enable="YES"
>> usbd_enable="YES"
>> postfix_enable="YES"
>> sendmail_enable="NO"
>> sendmail_submit_enable="NO"
>> sendmail_outbound_enable="NO"
>> sendmail_msp_queue_enable="NO"
>> firewall_enable="YES"
>> firewall_script="/etc/fire"
>> ipnat_enable="YES"
>> ipnat_program="/sbin/ipnat"
>> ipnat_rules="/etc/ipnat.rules"
>> ipnat_flags=""
>> #ipmon_enable="YES"
>> #ipmon_program="/sbin/ipmon"
>> #ipmon_flags="-Ds"
>> named_enable="YES"
>> ntpdate_enable="YES"
>> ntpdate_program="ntpdate"
>> ntpdate_flags="-b 0.north-america.pool.ntp.org"
>> mysql_enable="YES"
>> clamav_clamd_enable="YES"
>> clamav_freshclam_enable="YES"
>> amavisd_enable="YES"
>> #amavisd_ram="512m"
>> pf_enable="YES"
>> pf_rules="/etc/pf.conf"
>> pflog_enable="YES"
>> saver="daemon"
>>
>>
>>
>> [vic@yeaguy ~]$ ifconfig
>> em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
>> description: LAN
>> options=219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC>
>> ether 00:16:76:bf:17:29
>> inet 10.1.1.1 netmask 0xffffff00 broadcast 10.1.1.255
>> media: Ethernet autoselect (100baseTX <full-duplex>)
>> status: active
>> ipfw0: flags=8801<UP,SIMPLEX,MULTICAST> metric 0 mtu 65536
>> pflog0: flags=141<UP,RUNNING,PROMISC> metric 0 mtu 33200
>> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
>> options=3<RXCSUM,TXCSUM>
>> inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
>> inet6 ::1 prefixlen 128
>> inet 127.0.0.1 netmask 0xff000000
>> nd6 options=3<PERFORMNUD,ACCEPT_RTADV>
>> pfsync0: flags=0<> metric 0 mtu 1460
>> syncpeer: 224.0.0.240 maxupd: 128
>> rum0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 2290
>> ether 00:1e:e5:a8:bd:5a
>> media: IEEE 802.11 Wireless Ethernet autoselect mode 11g
>> status: associated
>> wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
>> description: WIFI
>> ether 00:1e:e5:a8:bd:5a
>> inet 192.168.1.169 netmask 0xffffff00 broadcast 192.168.1.255
>> media: IEEE 802.11 Wireless Ethernet OFDM/18Mbps mode 11g
>> status: associated
>> ssid vicnet channel 11 (2462 MHz 11g) bssid 00:22:6b:66:bf:74
>> country US authmode OPEN privacy ON deftxkey 1 wepkey 1:40-bit
>> txpower 0 bmiss 7 scanvalid 60 bgscan bgscanintvl 300 bgscanidle
>> 250
>> roam:rssi 7 roam:rate 5 protmode CTS
>> [vic@yeaguy ~]$
>>
>>
>> [vic@yeaguy ~]$ netstat -rn
>> Routing tables
>>
>> Internet:
>> Destination Gateway Flags Refs Use Netif Expire
>> default 192.168.1.1 UGS 1 2208 wlan0
>> 10.1.1.0/24 link#1 U 4 16001 em0
>> 10.1.1.1 link#1 UHS 0 0 lo0
>> 127.0.0.1 link#4 UH 0 36 lo0
>> 192.168.1.0/24 link#7 U 6 7123 wlan0
>> 192.168.1.169 link#7 UHS 0 0 lo0
>>
>> Internet6:
>> Destination Gateway Flags Netif
>> Expire
>> ::1 ::1 UH lo0
>> fe80::%lo0/64 link#4 U lo0
>> fe80::1%lo0 link#4 UHS lo0
>> ff01:4::/32 fe80::1%lo0 U lo0
>> ff02::%lo0/32 fe80::1%lo0 U lo0
>> [vic@yeaguy ~]$
>>
>>
>>
>> yeaguy# ipnat -l
>> List of active MAP/Redirect filters:
>> map wlan0 10.1.1.0/24 -> 192.168.1.169/32 portmap tcp/udp 10000:60000
>> map wlan0 10.1.1.0/24 -> 192.168.1.169/32
>>
>> List of active sessions:
>> MAP 10.1.1.190 53867 <- -> 192.168.1.169 54939 [69.147.83.34 80]
>> MAP 10.1.1.190 53401 <- -> 192.168.1.169 45879 [72.14.204.147 80]
>> MAP 10.1.1.190 53398 <- -> 192.168.1.169 18541 [72.14.204.147 80]
>> MAP 10.1.1.190 53397 <- -> 192.168.1.169 27460 [72.14.204.147 80]
>> yeaguy#
>>
>>
>>
>> I am thinking of doing a fresh install to see if my issue clears.. I am
>> beyond frustrated.. A WAN IP and router change and now I have some odd
>> tick/hangup on the system???!!! that makes no sense.. if i put the old
>> router in place it works fine.. I really dont want to use the old router
>> either,, it requires a reboot daily.. it flakey...
>>
>> I checked the router for ACLs and anything that might cause conflict but I
>> am not seeing anything.. I really cant see how its the new router.. my WIN
>> LAPTOP when connecting to the router works flawlessly... The only odd
>> thing I do see in regards to the router and FreeBSD box is the WEP
>> attributes:
>>
>> ifconfig shows:
>>
>> wepkey 1:40-bit // Router shows: WEP Encryption: "64 bits 10 hex digits"..
>> is that an issue??
>>
>> Router is a Linksys WRT54G2... My router logs show in and out traffic
>> from the FreeBSD box.. so this is why Im thinking its the FreeBSD box...
>>
>> Can i do a system wide grep on all files to see if i find the OLD WAN IP
>> hardcoded somewhere???
>>
>> I have completely disable ipfw as well:
>>
>> yeaguy# ipfw -q flush
>> yeaguy# ipfw show
>> 65535 4145 3401628 allow ip from any to any
>>
>> If anyone can assist Id be very greatful..
>>
>> Thanks
>>
>> Justin V.
> A reload would possibly solve it but I'd say its extreme.
>
> I'd be more likely to start again and reconfigure your net from scratch.
> Instead of adjusting values in rc.conf, wipe the wifi related stuff and start
> again.
>
> That said, can you enlighten why you don't use wpa? wep's been hacked for
> nearly a decade- wpa's now even up to wpa2... and last I checked ye ole
> Linksys WRT54G was capable even then of wpa2.
>
> IMO you'd be more secure and definitely easier and reliably setup doing the
> switch to wpa- no confusion in reinitialising old settings- in rc.conf:
>
> ifconfig_wlan0="{inet or dhcp} wpa"
>
> In /etc/wpa_supplicant.conf:
>
> network={
> ssid="myssid"
> psk="secret"
> }
>
> And done. If it still doesn't work its somewhere to start from, but its basic
> enough to work straight off the bat. Once its working you can then complicate
> it as much as you like... :)
>
> That said 64 and 40 bit doesn't quite sound the same to me...
>
> HTH
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
>
WPA2 implemented.. thanks.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.00.1012140817090.2049>