new firewall, disaster



jah
03-17-2008, 10:20 PM
there are a few software firewall applications out there. SmoothWall and pfSense are examples; they are built around some sort of Linux distribution. Why use them? well, they are free, more flexible than other firewall options, and you can recycle an old desktop since they will run on almost anything.

i was running SmoothWall revision 2.0 on an old pc. the software was kinda buggy and the pc was very old, so time to update to the latest smoothwall.

-i downloaded smoothwall 3.0+ and created the install cd image.
-did some dumpster diving at work for an old pc, replaced its noisy hard drive.
-installed the software and put the previous firewall rules into the new application, it sorta worked but this was the end of the good. things kinda went west after this.
....
-i plug the old smoothwall box in, i saved it as backup. it's totally dead, this after constantly running for 3 years, so i have to get the new box up asap.
-i readjusted the rules for the new box but no love. the web server half is not working. it could not find incoming traffic.
-i was using my cell phone to test the server but it stopped working. after 5 phone calls to the t-mobile tech support i find out they confused my account, set my account, the dial out string from internet3.voicestream.com to internet2. they changed it back.
-back online i open my macbook expecting to resume debug, but the macbook password is scrambled. nothing resets the lost password so i go to the mac store and they give me OS X 10.5.2, an upgrade from my old 10.4.11. the next day i reinstall everything and i bluetooth pair with the cell phone again but the t-mobile account settings have reverted back to the bad internet2. more t-mobile tech support calls. peeps think apple was so white to give me a free upgrade but to this day i don't have all the applications reinstalled, like fusion, skype...
-back in debug mode; i am not getting any love from the smoothwall, the web server is not getting any incoming traffic. i nslookup www.mysite.com and the dynamic dns is ok. the 3.0 smoothwall log files are english as a 2nd language impaired. so this rolls around and i discover if i set the browser side as 192.168.0.x and the server side one higher as 192.168.1.x things sorta work? will have to update all the stuff at home that uses static dns addressing. i do a traceroute on the outgoing traffic and there is a nasty initial timeout before it hits the first outside hop.
-the next day nothing works! i call comcast to ask if they put a limit on my in traffic as the previous weeks i was uploading from work a bunch of stuff, they found nothing. i work on it for a few hours. i did not think to recheck the comcast ip address, since it was constant for the last year. but comcast changed it overnight... ComCastic. also the dynamic dns server is built into the smoothwall, which is not yet running.
-so a buddy comes over, drinking my beer he discovers my ip address is not as expected. laughs his *** off.
-it's working now. the only bad is my print server still has the old 192.168.x.x address and it's difficult to get to.