Find the answer to your Linux question:
Results 1 to 6 of 6
Hi, I've been playing around with various security options for my Ubuntu server 6.10. I installed OpenVPN this morning did a little configuring (e.g., making keys) before deciding it wasn't ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jan 2007
    Posts
    8

    No Outgoing Net Traffic After Flirting with OpenVPN


    Hi,

    I've been playing around with various security options for my Ubuntu server 6.10. I installed OpenVPN this morning did a little configuring (e.g., making keys) before deciding it wasn't my cup of tea. I used apt-get to both install and uninstall OpenVPN. I did not make any changes to my firewall--I'm using Firestarter and I have it set to permissive for outbound traffic. Now the server won't access anything outside the box--no apt-get, no web, nothing. I can't even ping my laptop on the same LAN. Incoming traffic, however, works as before. I checked every log I could think of but don't see anything. What in the world could have happened?

    Thanks in advance.

    Joe

  2. #2
    Linux Enthusiast
    Join Date
    Apr 2004
    Location
    UK
    Posts
    678
    Can we get you to run these commands and post the output here so we can see how things are currently set up, then we may be able to help you.

    Code:
    ifconfig -a
    route
    cat /etc/resolv.conf
    ping www.google.com
    Chris...
    To be good, you must first be bad. "Newbie" is a rank, not a slight.

  3. #3
    Just Joined!
    Join Date
    Jan 2007
    Posts
    8

    Output

    Hi Chris,

    Thanks for your reply. Output is below:

    ipconfig -a
    Code:
    eth0      Link encap:Ethernet  HWaddr 00:30:84:30:CE:E8  
              inet addr:10.0.1.100  Bcast:10.0.1.255  Mask:255.255.255.0
              inet6 addr: fe80::230:84ff:fe30:cee8/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:388 errors:0 dropped:0 overruns:0 frame:0
              TX packets:380 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000 
              RX bytes:33536 (32.7 KiB)  TX bytes:74535 (72.7 KiB)
              Interrupt:11 Base address:0xec00 
    
    lo        Link encap:Local Loopback  
              inet addr:127.0.0.1  Mask:255.0.0.0
              inet6 addr: ::1/128 Scope:Host
              UP LOOPBACK RUNNING  MTU:16436  Metric:1
              RX packets:24 errors:0 dropped:0 overruns:0 frame:0
              TX packets:24 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0 
              RX bytes:1856 (1.8 KiB)  TX bytes:1856 (1.8 KiB)
    
    sit0      Link encap:IPv6-in-IPv4  
              NOARP  MTU:1480  Metric:1
              RX packets:0 errors:0 dropped:0 overruns:0 frame:0
              TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0 
              RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

  4. #4
    Just Joined!
    Join Date
    Jan 2007
    Posts
    8

    Output

    Hi Chris,

    Thanks for your reply. Output is below:

    ipconfig -a
    Code:
    eth0      Link encap:Ethernet  HWaddr 00:30:84:30:CE:E8  
              inet addr:10.0.1.100  Bcast:10.0.1.255  Mask:255.255.255.0
              inet6 addr: fe80::230:84ff:fe30:cee8/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:388 errors:0 dropped:0 overruns:0 frame:0
              TX packets:380 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000 
              RX bytes:33536 (32.7 KiB)  TX bytes:74535 (72.7 KiB)
              Interrupt:11 Base address:0xec00 
    
    lo        Link encap:Local Loopback  
              inet addr:127.0.0.1  Mask:255.0.0.0
              inet6 addr: ::1/128 Scope:Host
              UP LOOPBACK RUNNING  MTU:16436  Metric:1
              RX packets:24 errors:0 dropped:0 overruns:0 frame:0
              TX packets:24 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0 
              RX bytes:1856 (1.8 KiB)  TX bytes:1856 (1.8 KiB)
    
    sit0      Link encap:IPv6-in-IPv4  
              NOARP  MTU:1480  Metric:1
              RX packets:0 errors:0 dropped:0 overruns:0 frame:0
              TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0 
              RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
    route:
    Code:
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    10.0.1.0        *               255.255.255.0   U     0      0        0 eth0
    default         10.0.1.1        0.0.0.0         UG    0      0        0 eth0
    For the cat command, there is no output--just get the prompt again. And for the ping command, it's: unknown host www.google.com.

    Thanks again.

    Joe

  5. #5
    Linux Enthusiast
    Join Date
    Apr 2004
    Location
    UK
    Posts
    678
    Unknown host means ping has no way to convert www.google.com to the ip address required to send traffic to google. This dovetails nicely with there being no entries in /etc/resolv.conf.

    You need an entry in resolv.conf that identifies the DNS server you should be using. I would expect it to be the same as your gateway address so try the following as root.

    Code:
    cat > /etc/resolv.conf <<eof
    nameserver 10.0.1.1
    eof
    ping www.google.com
    If that doesn't work then you will need to find out which DNS server you should be using and put its IP against the nameserver entry instead.

    Let us know how you get on,

    Chris...
    To be good, you must first be bad. "Newbie" is a rank, not a slight.

  6. #6
    Just Joined!
    Join Date
    Jan 2007
    Posts
    8

    That Was It! And...

    Hi Chris,

    That was it! But there's more to the story. My root partition (about 8G or so) was full. Never dawned on me to check because prior to messing with OpenVPN it was less that 50%. (My home directory is on a different partition.) Something got loaded in there and I'm digging through it to find what the difference is. I used GParted Live to give it lots of space and all seems fine now. The tip was that I got an error message saying the volume was full when I tried your command. Once I resized everything, I reissued the command and it now works fine.

    Strange. But thanks again for your help!

    Joe

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •