Hello all:

I've been trying to get this problem solved on my own but to no avail.
This is my ex-W2000 rig now running Knoppix 3.3 after a really swift HD install.

It has a 3Com network card (not connected to a network at this moment) and connects to the web through a dial up connection to a local ISP via a 3Com/USR Courier V.Everything internal modem.

I have used the same rig with W2K SP3 and the ATGuard 3.11 host based firewall for the longest while and now I would like to set up adequate defences while on the web with Knoppix linux, even though I am quite aware that it is not nearly as vulnerable as W2K SP3.

I guess that it's just an acquired habit, like strapping on the seat belt as you get in the car: just feels uncomfortable if you don't have it on.

So when I came across KISS 2.0, I decided to set it up and give it a try.

Without it, I can reach the web with no problems, ping works fine and I download files with no problems.

But if I start up KISS 2.0, I get locked in, just cannot get through.

I've re-read the settings instructions and everything seems to be fine, having left the trusted IPs to 0.0.0.0./0 (default) and only uncommented the lines needed to allow DNS zone transfers.

My guess is that KISS 2.0 is not the problem and that I just have something wrong with my network configuration, but I have no idea about fixing it.

Once I dial up, these are the outputs I get from ifconfig -a and route -n:

root@groucho:/# ifconfig -a

eth0 Link encap:Ethernet HWaddr 00:50A5:37:E9
inet addr:127.0.0.1 Bcast:127.255.255.255 Mask:255.0.0.0

UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:15 Base address:0xe400

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:22 errors:0 dropped:0 overruns:0 frame:0
TX packets:22 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1400 (1.3 KiB) TX bytes:1400 (1.3 KiB)

ppp0 Link encap:Point-to-Point Protocol
inet addr:200.80.141.147 P-t-P:200.61.32.187 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:16 errors:0 dropped:0 overruns:0 frame:0
TX packets:17 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:3510 (3.4 KiB) TX bytes:827 (827.0 b)

root@groucho:/# route -n

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
XXX.61.32.187 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 eth0
0.0.0.0 XXX.61.32.187 0.0.0.0 UG 0 0 0 ppp0

I went looking for a way out of this and found the Linux PPP-HOWTO at http://tldp.org/HOWTO/PPP-HOWTO/index.html

In Chapter 17 it says:

Begin quote
-------

route -n

You should see something like:-

Kernel routing table
Destination Gateway Genmask Flags MSS Window Use Iface
10.144.153.3 * 255.255.255.255 UH 1500 0 1 ppp0
127.0.0.0 * 255.0.0.0 U 3584 0 11 lo
10.0.0.0 * 255.0.0.0 U 1500 0 35 eth0
default 10.144.153.3 * UG 1500 0 5 ppp0

Of particular importance here, notice we have TWO entries pointing to our ppp interface.

The first is a HOST route, (indicated by the H flag) and that allows us to see the host to which we are connected to - but no further.

The second is the default route (established by giving pppd the option defaultroute). This is the route that tells our Linux PC to send any packets NOT destined for the local Ethernet(s) - to which we have specific network routes - to the PPP server itself. The PPP server then is responsible for routing our packets out onto the Internet and routing the return packets back to us.

If you do not see a routing table with two entries, something is wrong. In particular if your syslog shows a message telling you pppd is not replacing an existing default route, then you have a default route pointing at your Ethernet interface - which MUST be replaced by a specific network route: YOU CAN ONLY HAVE ONE DEFAULT ROUTE!!!

You will need to explore your system initialization files to find out where this default route is being set up (it will use a route add default... command). Change this command to something like route add net....

-------
End quote


My /etc/network/interfaces file reads:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
address 127.0.0.1
netmask netmask
network 127.0.0.0
broadcast broadcast

My /etc/network/ifstate file reads:

lo=lo
eth0=eth0

So even though I have the two required entries for PPP0, apparently there's a lack of a default route in the table, probably the cause of the problem with the firewall.

I'm at a loss here and would be very obliged to receive a couple of pointers on how to fix this or setting the default route.

Thanks in advance,

CIV
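
The routing-table check the quoted PPP-HOWTO passage describes (one host route on the ppp interface, exactly one default route), written as an added example that is not part of the original post or of the HOWTO. The names `check_routes` and `SAMPLE_ROUTES` are made up for illustration; the sample table is the `route -n` output copied from the post, with its addresses masked as posted.

```shell
#!/bin/sh
# Added example. SAMPLE_ROUTES is the `route -n` table from the post,
# embedded inline so the check runs offline.
SAMPLE_ROUTES='Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
XXX.61.32.187 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 eth0
0.0.0.0 XXX.61.32.187 0.0.0.0 UG 0 0 0 ppp0'

# check_routes (hypothetical helper): reads `route` or `route -n` output on
# stdin and prints one finding per line.
#   OK/FAIL default-route   -> the HOWTO's "only one default route" rule
#   OK/FAIL ppp-host-route  -> the H-flagged route to the PPP peer
#   WARN loopback-net-on X  -> 127.0.0.0 routed via an interface other than lo
check_routes() {
    awk '
    $1 == "Kernel" || $1 == "Destination" { next }   # header lines
    NF < 8 { next }                                  # blank or short lines
    {
        dest = $1; flags = $4; iface = $8
        # A default route is destination 0.0.0.0 (or "default" without -n)
        # carrying the G (gateway) flag.
        if ((dest == "0.0.0.0" || dest == "default") && flags ~ /G/) {
            ndef++; defif = iface
        }
        if (flags ~ /H/ && iface ~ /^ppp/) nhost++
        if (dest == "127.0.0.0" && iface != "lo")
            print "WARN loopback-net-on " iface
    }
    END {
        if (ndef == 1) print "OK default-route " defif
        else           print "FAIL default-routes " ndef + 0
        if (nhost >= 1) print "OK ppp-host-route"
        else            print "FAIL ppp-host-route"
    }'
}

# Run the check against the table from the post.
printf '%s\n' "$SAMPLE_ROUTES" | check_routes
```

On a live system the same function can be fed directly with `route -n | check_routes` before and after the firewall script is started.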