[Techtalk] "route del" Yields "SIOCDELRT: no such process"

Kai MacTane kmactane at GothPunk.com
Thu Sep 27 12:42:18 EST 2001


At 9/27/01 12:19 PM , Raven, corporate courtesan wrote:
>         Congrats on the separate firewall.  If I were you, I'd also set 
> up your servers behind it to log to it, just so you have logs in separate 
> places in case of evil.

The only things behind it are Windows machines.

> > [root@kitchengod kmactane]# route
> > Kernel IP routing table
> > Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> > kitchengod.Rebe *               255.255.255.255 UH    0      0        0 eth0
> > 255.255.255.255 *               255.255.255.255 UH    0      0        0 eth0
> > kitchengod.Rebe *               255.255.255.255 UH    0      0        0 eth1
>
>         What are these?  Haven't seen those before... do you remember 
> what syntax of commands you used to enter these routes?  I assume some 
> variant of route add...

See below.

>         Ah, I'm pretty sure you have to give it -netmask 255.0.0.0 at the 
> least.  You may have to give it the whole rest of the line.  Since the 
> Linux routing kernel uses classless addressing, you pretty much always 
> have to specify the netmask.

Looks that way.

>         Also, why are you specifically telling it how to get to 
> 64.0.0.0?  It should just follow the default path for that.

AFAIK, this *is* the default. I just installed this system from CD 
yesterday, and haven't had time to screw around with the routing. So this 
is whatever the installer set up on its own. I have no idea why it put half 
of that stuff there. I think some of it may also be screwing with my 
attempts to make Samba connections to it...

This isn't just a firewall; it's also serving as a file and print server 
for the stuff on the internal network. (Yes, separate machines would be 
nice for that, but this is a home network, and the budget simply doesn't 
allow that many boxen.) It should ipmasq the internal (192.168) subnet, and 
allow connections on eth1 only on ports 20, 21, 22, and 80. (We have some 
friends that are allowed FTP and Web access, and house members occasionally 
need to grab files from it from elsewhere...) But those port-139 
connections only get allowed on eth0.

Anyway, now that I actually *can* change the routing table, I'm setting 
about tweaking it into some level of sensibility.

                                                 --Kai MacTane
----------------------------------------------------------------------
"And when I squinted/The world seemed rose-tinted;
  Angels appeared to descend..."
                                                 --Depeche Mode,
                                                  "Waiting for the Night"
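
The policy described in the message above (masquerade the internal 192.168 subnet, admit ports 20, 21, 22 and 80 on eth1, admit port 139 only on eth0), written out as an added example that is not part of the original post. It assumes iptables-restore syntax, eth0 as the internal and eth1 as the external interface, and 192.168.0.0/16 as the internal range; emit_rules is a hypothetical helper name.

```shell
#!/bin/sh
# Added example, not from the original post. Assumptions: iptables-restore
# syntax, eth0 = internal LAN, eth1 = external link, LAN = 192.168.0.0/16.
INT_IF=eth0
EXT_IF=eth1
LAN=192.168.0.0/16

# emit_rules (hypothetical helper) prints the ruleset; it changes nothing itself.
emit_rules() {
cat <<EOF
*filter
# Default deny for inbound and forwarded traffic; the host may talk out freely.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
# Replies belonging to connections that were already permitted.
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# External side: only FTP (20, 21), SSH (22) and HTTP (80).
-A INPUT -i $EXT_IF -p tcp -m multiport --dports 20,21,22,80 -j ACCEPT
# Samba sessions (port 139) are accepted on the internal interface only.
-A INPUT -i $INT_IF -p tcp --dport 139 -j ACCEPT
# LAN hosts may open connections outward; only replies come back in.
-A FORWARD -i $INT_IF -o $EXT_IF -s $LAN -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Masquerade the internal subnet behind the external address.
-A POSTROUTING -s $LAN -o $EXT_IF -j MASQUERADE
COMMIT
EOF
}

# Print the ruleset only when asked, so sourcing this file has no side effects.
if [ "${1:-}" = "--print" ]; then
    emit_rules
fi
```

Review the output, then load it as root with `emit_rules | iptables-restore`. Only the ports the message names are opened, so anything else the LAN needs from this host (printing, for instance) has to be added on eth0.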




