| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 60744 | 2005-08-11 21:28:00 | Tools for Linux Network Traffic | Myth (110) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 380344 | 2005-08-11 21:28:00 | Are there any tools out there that will read ANY traffic going between a linux machine and a Win98SE machine? My problem, last night my partner went to use the networked (from Win98, locally connected to Linux machine) Epson Printer. Now normally this works; but for some reason Firestarter decided last night it wouldn't let it connect. The thing is, there are no events showing up, so I can accept the connection. I have thus far deleted all older rules for incoming, but if I try to connect to the linux machine at all it doesn't show, and only one event comes up. If I accept the connection for that event, the machines still won't network, and no more events show. Turn Firestarter off, and everything works perfect (including access to Linux based printer from Win 98). The printer is using the Adobe postscript driver to connect to Linux based printer. It also has the correct Win driver installed on the machine. I have heard of Ethereal, never used it. Is it the right tool, or are there better that would suit my purposes? P.S. both machines are networked via Samba service, using eth0 and cable. |
Myth (110) | ||
| 380345 | 2005-08-12 02:22:00 | Ethereal and tcpdump will analyse packets leaving and arriving at an interface. But if your firewall is dropping them, they may not be seen, so they are not the right tools for the job. It is better to look at the logfile for the firewall itself. I have never used Firestarter, but I understand that it is a GUI for ipfilter (is that right?) - look in /var/log/security, /var/log/messages, or something like /var/log/ipf. Post the firewall messages you find there. |
vinref (6194) | ||
| 380346 | 2005-08-12 05:15:00 | So, question: Is Samba service running? Can you connect to a normal samba share? Can you print locally? Can you ping the Linux box from the Win98 box? Just a few things that come to mind which you've probably already done, but its good to ask just in case :) |
Chilling_Silence (9) | ||
| 380347 | 2005-08-12 06:18:00 | Samba uses port 139, so try opening up that port for access. | Jen (38) | ||
| 380348 | 2005-08-12 23:44:00 | Vinref: From memory, I think Firestarter is a GUI for IPTables (I think). Anyway, I am still looking for logs generated by Firestarter. Chilling: With Firestarter on... Is Samba service running? - Yes Can you connect to a normal samba share? From Linux machine - Yes; From 98 machine - No Can you print locally? - Yes, just cannot access printer from Win98 machine; Can access it when firestarter off Can you ping the Linux box from the Win98 box? - Yes Jen: Access has already been allowed for Ports 137-139 443 |
Myth (110) | ||
| 380349 | 2005-08-13 01:04:00 | Hi Tazz, Ethereal would be good choice. It puts the NIC into promiscuous mode and will capture the packets you need to look for. One other thing that may be worth checking is whether the network printer is still set up as the default printer on the Win 98 box. It seems unusual that print jobs have "just" stopped working. One thing to remember though is that if you altered your firewall rules and didn't restart either the computer or the service the new rules would only come into force when you next rebooted. HTH |
Simply_Si (354) | ||
| 1 | |||||