Hi,

you will have to grant access to every host on the blue network in the
WUI. Please go to Firewall -> Blue Access and do that over there.

-Michael

On Sun, 2013-07-21 at 22:35 +0200, Thomas Berthel wrote:
> Hi,
> 
> nobody any idea?
> 
> good night, Thomas
> 
> On 07/02/2013 12:14 AM, Thomas Berthel wrote:
> > Hi Michael,
> > 
> >> Please run /etc/init.d/network-vlans start
> > thanks. beginner error :-)
> > 
> > Here my document for vlan:
> > 
> > I configure my fire with the setup modus and change from green+red to
> > green+red+organge+blue
> > 
> > I setting up the network-ip's for blue & orange, then i became by the
> > end from the setup a message: orange device cant configure not devivce
> > found or so. Because it does not let me finish the setupmode i have
> > cloesed the console-connection.
> > 
> > I check my /var/ipfire/ethernet/settings and all information from my
> > change in the setup-menu was written there.
> > 
> > for example one snipp:
> > 
> > BLUE_ADDRESS=192.168.2.1
> > BLUE_NETMASK=255.255.255.0
> > BLUE_NETADDRESS=192.168.2.0
> > BLUE_BROADCAST=192.168.2.255
> > 
> > but, no MAC-Address and no DEV was in there.
> > 
> > The ifconfig says nothing to blue or orange. Okay then the next step.
> > I configure my /var/ipfire/ethernet/vlans as follows:
> > 
> > BLUE_PARENT_DEV=green0
> > BLUE_VLAN_ID=300
> > BLUE_MAC_ADDRESS=00:22:4D:84:A5:30
> > ORANGE_PARENT_DEV=green0
> > ORANGE_VLAN_ID=400
> > ORANGE_MAC_ADDRESS=00:22:4D:84:A5:40
> > 
> > Without "" for _PARENT_DEV="device1" and the _MAC_ADDRESS="11:22:33:..."
> > 
> > Then i do /etc/init.d/network-vlan start, this was my messages-output:
> > 
> > /etc/init.d/network-vlans start
> > + CONFIG_FILE=/var/ipfire/ethernet/vlans
> > + '[' -e /var/ipfire/ethernet/vlans ']'
> > ++ /usr/local/bin/readhash /var/ipfire/ethernet/vlans
> > + eval BLUE_PARENT_DEV=green0 BLUE_VLAN_ID=300
> > BLUE_MAC_ADDRESS=00:22:4D:84:A5:30 ORANGE_PARENT_DEV=green0
> > ORANGE_VLAN_ID=400 ORANGE_MAC_ADDRESS=00:22:4D:84:A5:40
> > ++ BLUE_PARENT_DEV=green0
> > ++ BLUE_VLAN_ID=300
> > ++ BLUE_MAC_ADDRESS=00:22:4D:84:A5:30
> > ++ ORANGE_PARENT_DEV=green0
> > ++ ORANGE_VLAN_ID=400
> > ++ ORANGE_MAC_ADDRESS=00:22:4D:84:A5:40
> > + action=start
> > + for interface in green0 blue0 orange0
> > + case "${interface}" in
> > + PARENT_DEV=
> > + VLAN_ID=
> > + MAC_ADDRESS=
> > + case "${action}" in
> > + '[' -z '' ']'
> > + continue
> > + for interface in green0 blue0 orange0
> > + case "${interface}" in
> > + PARENT_DEV=green0
> > + VLAN_ID=300
> > + MAC_ADDRESS=00:22:4D:84:A5:30
> > + case "${action}" in
> > + '[' -z green0 ']'
> > + '[' -d /sys/class/net/blue0 ']'
> > + '[' '!' -d /sys/class/net/green0 ']'
> > + '[' -z 300 ']'
> > + echo 'Creating VLAN interface blue0...'
> > Creating VLAN interface blue0...
> > + vconfig add green0 300
> > Added VLAN with VID == 300 to IF -:green0:-
> > + ip link set green0.300 name blue0
> > + '[' -n 00:22:4D:84:A5:30 ']'
> > + ip link set blue0 address 00:22:4D:84:A5:30
> > + ip link set green0 up
> > + for interface in green0 blue0 orange0
> > + case "${interface}" in
> > + PARENT_DEV=green0
> > + VLAN_ID=400
> > + MAC_ADDRESS=00:22:4D:84:A5:40
> > + case "${action}" in
> > + '[' -z green0 ']'
> > + '[' -d /sys/class/net/orange0 ']'
> > + '[' '!' -d /sys/class/net/green0 ']'
> > + '[' -z 400 ']'
> > + echo 'Creating VLAN interface orange0...'
> > Creating VLAN interface orange0...
> > + vconfig add green0 400
> > Added VLAN with VID == 400 to IF -:green0:-
> > + ip link set green0.400 name orange0
> > + '[' -n 00:22:4D:84:A5:40 ']'
> > + ip link set orange0 address 00:22:4D:84:A5:40
> > + ip link set green0 up
> > 
> > Yeah! The finale countdown ;-)
> > 
> > So, i checket my ifconfig and only the device with no IP was displayed:
> > 
> > blue0     Link encap:Ethernet  HWaddr 00:22:4D:84:A5:30
> >           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> >           TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
> >           collisions:0 txqueuelen:0
> >           RX bytes: (0 Kb)  TX bytes: (0 Kb)
> > 
> > WTF? okay. I configure my /var/ipfire/ethernet/settings once again as
> > described here:
> > 
> > BLUE_DEV=blue0
> > BLUE_MACADDR=00:22:4d:84:a5:30
> > BLUE_DESCRIPTION='"pci: Intel Corporation 82574L Gigabit Network
> > Connection"'
> > BLUE_DRIVER=e1000e
> > BLUE_ADDRESS=192.168.2.1
> > BLUE_NETMASK=255.255.255.0
> > BLUE_NETADDRESS=192.168.2.0
> > BLUE_BROADCAST=192.168.2.255
> > 
> > Next step - reboot firewall! then the result from ifconfig said:
> > 
> > blue0     Link encap:Ethernet  HWaddr 00:22:4D:84:A5:30
> > 	  inet addr:192.168.2.1  Bcast:192.168.2.255  Mask:255.255.255.0
> >           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> >           TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
> >           collisions:0 txqueuelen:0
> >           RX bytes: (0 Kb)  TX bytes: (0 Kb)
> > 
> > BUT - my firewall droped my DNS and HTTP requests. I tried to change the
> > rules with the firewall-mode from 1 to 0 and in the WUI by mode 1 to set
> > rules for wireless to allow this connections. Without success!
> > 
> > for example:
> > Jul  1 21:23:10 ipfw kernel: DROP_WirelessinputIN=blue0 OUT=
> > MAC=00:22:4d:84:a5:30:7c:61:93:16:2f:82:08:00 SRC=192.168.2.10
> > DST=192.168.2.1 LEN=69 TOS=0x00 PREC=0x00 TTL=64 ID=25514 DF PROTO=UDP
> > SPT=1083 DPT=53 LEN=4
> > 
> > Any idea?
> > 
> > BG, Thomas
> > 
> > Am 01.07.2013 11:53, schrieb Michael Tremer:
> >> On Sun, 2013-06-30 at 15:37 +0200, Thomas Berthel wrote:
> >>> Hi @ all,
> >>>
> >>> i have checked the /etc/init.d/network-vlans Script and become following
> >>> messages: Invalid action
> >>>
> >>> The dubug output says:
> >>>
> >>> (/var/ipfire/ethernet):/etc/init.d/network-vlans
> >>> + CONFIG_FILE=/var/ipfire/ethernet/vlans
> >>> + '[' -e /var/ipfire/ethernet/vlans ']'
> >>> ++ /usr/local/bin/readhash /var/ipfire/ethernet/vlans
> >>> + eval '#GREEN_VLAN_ID=20' BLUE_VLAN_ID=300 ORANGE_VLAN_ID=400
> >>> + action=
> >>> + for interface in green0 blue0 orange0
> >>> + case "${interface}" in
> >>> + PARENT_DEV=
> >>> + VLAN_ID=
> >>> + MAC_ADDRESS=
> >>> + case "${action}" in
> >>> + echo 'Invalid action: '
> >>> Invalid action:
> >>> + exit 1
> >>
> >> Please run /etc/init.d/network-vlans start or /etc/init.d/network-vlans
> >> to start and stop the virtual interfaces.
> >>
> >> -Michael
> >>
> > 
> > _______________________________________________
> > Documentation mailing list
> > Documentation(a)lists.ipfire.org
> > http://lists.ipfire.org/mailman/listinfo/documentation
> > 
> 
> _______________________________________________
> Documentation mailing list
> Documentation(a)lists.ipfire.org
> http://lists.ipfire.org/mailman/listinfo/documentation