0

I have a machine (Fedora) which is using iptables (acting as a firewall). The system worked for a long time, but now there is a problem. The internet connection was failing. I looked into it and found out that if the machine is up or if it is connected to the router, the internet connection fails for everyone in the network. The communication in the LAN is working fine (other NICs). Where can I look for problems?

If I look at the switch (between Fedora and the router), the activity LED is blinking all the time if the server is connected to the router ...

iptables -L -n

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
eth2-DMZ   all  --  0.0.0.0/0            0.0.0.0/0
RH-Firewall-1-INPUT  all  --  0.0.0.0/0            0.0.0.0/0
eth0-internal-INPUT  all  --  0.0.0.0/0            0.0.0.0/0
LOG        all  --  0.0.0.0/0            0.0.0.0/0           LOG flags 0 level 4 prefix `REJECT FILTER:'
REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-port-unreachable

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-port-unreachable

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain RH-Firewall-1-INPUT (1 references)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:21 state NEW,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0            ww.ww.77.104/29    tcp dpt:80 state NEW
ACCEPT     tcp  --  0.0.0.0/0            ww.ww.77.104/29    tcp dpt:443 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:25 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:10001 state NEW
ACCEPT     tcp  --  xx.yy.133.130       0.0.0.0/0           tcp state NEW,ESTABLISHED
ACCEPT     tcp  --  zz.104.19.111        0.0.0.0/0           tcp state NEW,ESTABLISHED
REJECT     tcp  --  0.0.0.0/0           !ww.ww.77.104/29    tcp dpt:80 reject-with icmp-port-unreachable
REJECT     all  --  aa.251.23.91         0.0.0.0/0           reject-with icmp-port-unreachable
REJECT     all  --  bb.30.3.184         0.0.0.0/0           reject-with icmp-port-unreachable
REJECT     all  --  cc.10.104.163       0.0.0.0/0           reject-with icmp-port-unreachable
REJECT     all  --  dd.53.170.29        0.0.0.0/0           reject-with icmp-port-unreachable
REJECT     all  --  ee.120.230.6         0.0.0.0/0           reject-with icmp-port-unreachable
REJECT     all  --  ff.109.225.231       0.0.0.0/0           reject-with icmp-port-unreachable
REJECT     all  --  gg.95.43.173        0.0.0.0/0           reject-with icmp-port-unreachable

Chain eth0-internal-INPUT (1 references)
target     prot opt source               destination
REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-port-unreachable
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 255
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:22 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:10000 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:443 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:111 state NEW
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:111 state NEW
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:2049 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:2049 state NEW
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpts:4000:4003 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpts:4000:4003 state NEW,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:5901 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:5666 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:12489 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:80 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp spt:80

Chain eth2-DMZ (1 references)
target     prot opt source               destination
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           state NEW,RELATED,ESTABLISHED icmp type 8
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpts:161:162 state NEW,RELATED,ESTABLISHED
ACCEPT     tcp  --  192.168.10.0/24      0.0.0.0/0           tcp state NEW,ESTABLISHED
ACCEPT     tcp  --  192.168.11.0         0.0.0.0/0           tcp state NEW,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:5666 state NEW

route -n

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
ww.ww.77.104   0.0.0.0         255.255.255.248 U     0      0        0 eth1
192.168.3.0     0.0.0.0         255.255.255.0   U     0      0        0 eth2
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.10.0    192.168.3.2     255.255.255.0   UG    0      0        0 eth2
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth2
0.0.0.0         ww.ww.77.105   0.0.0.0         UG    0      0        0 eth1

cat /proc/sys/net/ipv4/ip_forward

  1

I have masked official IP addresses.

SOLUTION:

It seems that a hacker got access to another server, which was behind the Fedora machine. There he placed a script which carried out a DDoS or something like this. Thus the router was overstrained and the internet didn't work anymore ...

testing
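Added example, not part of the original post: one way to find which internal host is generating a flood through a forwarding firewall like the one above is to count connection-tracking entries per internal source and look for a host with many unanswered flows. The sample lines are constructed in `/proc/net/nf_conntrack` format, the internal networks come from the `route -n` output in the question, and the thresholds and the host `192.168.3.5` are assumptions for illustration.

```python
import ipaddress
import re
from collections import Counter

# Internal networks as shown in the route -n output of the question.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("192.168.1.0/24", "192.168.3.0/24", "192.168.10.0/24")]
# The first src= field of a conntrack line is the originator of the flow.
FIRST_SRC = re.compile(r"\bsrc=(\S+)")

def make_sample():
    """Constructed conntrack lines (not captured from the asker's system)."""
    lines = [
        "ipv4     2 tcp      6 431990 ESTABLISHED src=192.168.1.20 dst=198.51.100.7 "
        "sport=50112 dport=443 src=198.51.100.7 dst=192.168.1.20 sport=443 "
        "dport=50112 [ASSURED] mark=0 use=2",
        "ipv4     2 udp      17 25 src=192.168.1.31 dst=198.51.100.53 sport=41000 "
        "dport=53 src=198.51.100.53 dst=192.168.1.31 sport=53 dport=41000 mark=0 use=2",
    ]
    # One host behind the firewall with many flows that never got a reply.
    for port in range(20000, 20040):
        lines.append(
            f"ipv4     2 udp      17 29 src=192.168.3.5 dst=203.0.113.9 sport={port} "
            f"dport=80 [UNREPLIED] src=203.0.113.9 dst=192.168.3.5 sport=80 "
            f"dport={port} mark=0 use=2")
    return lines

def flows_by_source(lines):
    """Count tracked flows and unreplied flows per internal originator."""
    total, unreplied = Counter(), Counter()
    for line in lines:
        match = FIRST_SRC.search(line)
        if not match:
            continue
        try:
            src = ipaddress.ip_address(match.group(1))
        except ValueError:
            continue  # malformed address field, skip the line
        if not any(src in net for net in INTERNAL_NETS):
            continue  # flow was not started by an internal host
        total[str(src)] += 1
        if "[UNREPLIED]" in line:
            unreplied[str(src)] += 1
    return total, unreplied

def suspects(lines, min_flows=30, min_unreplied_ratio=0.8):
    """Internal hosts with many flows, most of them unanswered (assumed thresholds)."""
    total, unreplied = flows_by_source(lines)
    return [(src, n, round(unreplied[src] / n, 2))
            for src, n in total.most_common()
            if n >= min_flows and unreplied[src] / n >= min_unreplied_ratio]

if __name__ == "__main__":
    for src, flows, ratio in suspects(make_sample()):
        print(f"{src}: {flows} tracked flows, {ratio:.0%} unreplied")
```

On a live firewall the same functions can be fed the lines of `/proc/net/nf_conntrack` (older kernels expose `/proc/net/ip_conntrack` instead); a host flagged this way can then be unplugged or blocked in the FORWARD chain while it is investigated.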

1 Answer

2

Can you replace the network card or try a different one? Sometimes when NICs go bad they can bring down the network by flooding it with garbage.

Brian