Re: newbe question - roo with 2 network nterfaces

[Lance Spitzner <lance () honeynet org>]

On Fri, 26 Aug 2005, JJ wrote:

> Have a look at
>
> https://bugs.honeynet.org/show_bug.cgi?id=350

You guys found a bug (or in this case, bad documentation).  You cannot
use the br0 interface for remote management.  You will need to add a
third physical interface (or virtual interface within VMware) to support
remote management.   This is the only way we have tested the current
Honeywall functionality.

Thanks!

lance



> JJ.
>
>
>
> uti-r () web de wrote:
>
> > Hi all,
> >
> > I am running a roo honeywall in bridge mode and it is bridging well.
> > Unfortunately I just have 2 network interfaces, and I need to run the management interface and ntp requests on the 
> > internal interface (eth1), which belongs to br0.
> >
> > -----------------br0-----------------
> > |                                                                                  |
> > external  eth0                                        internal eth1  - - -    ntp-Server,
> >                                                                                                       HwManager,
> >                                                                                                       and some 
> > Honeypots
> >
> > HwMANAGER and HwTIME_SVR are configured with the right IPs.
> > HwMANAGE_IFACE = br0 HwMANAGE_IP and corresponding netmask  are set. A gateway is not necessary, because is is in 
> > the same net. HwRESTRICT is enabled.
> > But if I start the honeywall with /usr/local/bin/hwctl -s -p /etc/honeywall.conf, br0 is not assigned with MANAGE_IP 
> > as it is said in the comment. ???
> >
> > I manually configured br0  (ifconfig br0 IP broadcast netmask). I can only ping my own IP. Pinging e.g. the 
> > ntp-Server IP I have 100% packed loss.
> > I tryed both ROACHMOTEL enabled an disabled, without any effect on the result.
> >
> > Walleye is running correctly. Once I changed HwLAN_IFACE and HwINET_IFACE to br0 and configured eth1 manually as a 
> > management interface.  As a result honewall was not bridging anymore, but I had access on Walleye and ntpdate worked 
> > as well.
> >
> > eth1is in promiscuous mode, but that shouldn't be the reason for not sending, is it?
> > Are there any firewall rules that are discarding icmp traffic?
> >
> > If no idea what to do now.
> > Bye and thanks for your answers,
> > Uta
> > _________________________________________________________________________
> > Mit der Gruppen-SMS von WEB.DE FreeMail k?nnen Sie eine SMS an alle
> > Freunde gleichzeitig schicken: http://freemail.web.de/features/?mc=021179