Server Help

[Solo Ace]

Right, a week ago I got my m0n0wall box up and running. I'm having some issues with it though.

The major problem is my MSN Messenger getting disconnected a few times per hour.

This is what the firewall log shows when it happens:



According to MSN Messenger:

"You have a direct connection to MSN Messenger."
"You are connected to the internet through a non-UPnP for a port limited NAT."

So, does this actually mean I'll need UPnP for this to resolve?
Meh, m0n0wall doesn't even support it, even though one might see it as a security breach, it should still be available.

[Mine GO BOOM]

That is showing outgoing connections that are being blocked by the firewall. What does your Firewall: Rules: LAN section look like? Unless you have a specific need, you should allow all outgoing LAN connections.

Based upon you blocking 207.68.178.12, I'm guessing you imported a list of IPs to block ads. Blocking ads via a firewall isn't really the best way to go about it. I'd at least remove that one IP from your outgoing block list.

[Solo Ace]

For some reason my m0n0wall says it can't find the device that contains config.xml, which is pretty annoying.
The floppy drive is fine, the floppies I use are fine too, but whatever, that's not my biggest problem.

Wait... wtf? I actually reformatted this floppy, and my old NAT port forwarding rules are still active. Right, well, my m0n0wall runs off a USB stick, so I guess it uses that for the storage of the config.

Actually, I didn't block anything at all, my installs are mostly original.
All LAN traffic was on FORWARD to the WAN. I can actually just telnet to 207.68.178.12. I think it's really weird why it says it's blocked, because my rules aren't blocking anything.
If I knew I would've blocked a few IP addresses, I would've thought of that first before posting here.

Hm, I turned

[Default]

This what I got for that IP address Solo Ace.

nmap -P0 207.68.178.12

Starting Nmap 4.20 ( http://insecure.org ) at 2007-01-23 14:16 Paris, Madrid
Interesting ports on 207.68.178.12:
Not shown: 1695 filtered ports
PORT STATE SERVICE
80/tcp open http
443/tcp closed https

Nmap finished: 1 IP address (1 host up) scanned in 52.656 seconds

nmap -v -P0 207.68.178.12

Starting Nmap 4.20 ( http://insecure.org ) at 2007-01-23 14:20 Paris, Madrid
Initiating Parallel DNS resolution of 1 host. at 14:20
Completed Parallel DNS resolution of 1 host. at 14:20, 0.01s elapsed
Initiating SYN Stealth Scan at 14:20
Scanning 207.68.178.12 [1697 ports]
Discovered open port 80/tcp on 207.68.178.12
SYN Stealth Scan Timing: About 37.89% done; ETC: 14:21 (0:00:49 remaining)
Completed SYN Stealth Scan at 14:21, 53.22s elapsed (1697 total ports)
Host 207.68.178.12 appears to be up ... good.
Interesting ports on 207.68.178.12:
Not shown: 1695 filtered ports
PORT STATE SERVICE
80/tcp open http
443/tcp closed https

Nmap finished: 1 IP address (1 host up) scanned in 53.422 seconds
Raw packets sent: 3402 (149.688KB) | Rcvd: 13 (612B)

[Solo Ace]

Uhm, thank you Default...
I can NMap other hosts too, but thank you...

Anyway, turning "Block private networks" off didn't really help much.
In the "Default LAN -> any" rule on LAN (which is my only LAN rule) I have [ ] Allow fragmented packets enabled, and I hope that helps.

I think it's because MSN attempts to re-initiate the session, but fails for some odd reason.
File transfers are slow, webcam connections are fine, but I know how to solve the transfers.

I'll see if allowing packet fragmentation fixes anything, even though it shouldn't have been causing problems.

[Default]

Ah okay, I thought you wanted to know

[Solo Ace]

No I want to know why my firewall is dropping or rejecting connections to that IP address, plus a few others.

[Cyan~Fire]

When I ping that IP, I get

[Solo Ace]

HOW INTERESTING CYAN BUT NOT REALLY HELPFUL!

Fine, I'll look somewhere else, or otherwise, just dump m0n0wall.

[Default]

Do you have an any internet security online Solo?

[Mine GO BOOM]

[Solo Ace]

I actually wanted to do that before, but, my configs are pretty close to the default config.

I hate uploading, I'll just paste.

Code: Show/Hide <?xml version="1.0"?> <m0n0wall>    <version>1.6</version>    <lastchange>1169671123</lastchange>    <system>       <hostname>m0n0wall</hostname>       <domain>local</domain>       <dnsallowoverride/>       <username>admin</username>       <password>xxxxxxxxxx</password>       <timezone>Europe/Amsterdam</timezone>       <time-update-interval>300</time-update-interval>       <timeservers>pool.ntp.org</timeservers>       <webgui>          <protocol>http</protocol>          <certificate/>          <private-key/>          <expanddiags/>          <port/>       </webgui>       <harddiskstandby/>       <dnsserver>194.109.6.66</dnsserver>       <dnsserver>194.109.9.99</dnsserver>    </system>    <interfaces>       <lan>          <if>fxp0</if>          <ipaddr>192.168.1.1</ipaddr>          <subnet>24</subnet>          <media/>          <mediaopt/>       </lan>       <wan>          <if>xl0</if>          <mtu/>          <media/>          <mediaopt/>          <ipaddr>dhcp</ipaddr>          <dhcphostname/>          <spoofmac/>       </wan>    </interfaces>    <staticroutes/>    <pppoe/>    <pptp/>    <bigpond/>    <dyndns>       <type>dyndns</type>       <username/>       <password/>       <host/>       <mx/>       <server/>       <port/>    </dyndns>    <dnsupdate/>    <dhcpd>       <lan>          <enable/>          <range>             <from>192.168.1.100</from>             <to>192.168.1.199</to>          </range>       </lan>    </dhcpd>    <pptpd>       <mode/>       <redir/>       <localip/>       <remoteip/>    </pptpd>    <dnsmasq>       <enable/>    </dnsmasq>    <snmpd>       <syslocation/>       <syscontact/>       <rocommunity>public</rocommunity>       <bindlan/>    </snmpd>    <diag>       <ipv6nat>          <ipaddr/>       </ipv6nat>    </diag>    <bridge/>    <syslog>       <reverse/>       <nentries>50</nentries>       <remoteserver/>    </syslog>    <nat>       <rule>          <protocol>tcp</protocol>          <external-port>60538</external-port>          <target>192.168.1.198</target>          <local-port>60538</local-port>          <interface>wan</interface>          <descr>eMule</descr>       </rule>       <rule>          <protocol>udp</protocol>          <external-port>21756</external-port>          <target>192.168.1.198</target>          <local-port>21756</local-port>          <interface>wan</interface>          <descr>eMule UDP</descr>       </rule>    </nat>    <filter>       <rule>          <interface>wan</interface>          <protocol>tcp</protocol>          <source>             <any/>          </source>          <destination>             <address>192.168.1.198</address>             <port>60538</port>          </destination>          <descr>NAT eMule</descr>       </rule>       <rule>          <interface>wan</interface>          <protocol>udp</protocol>          <source>             <any/>          </source>          <destination>             <address>192.168.1.198</address>             <port>21756</port>          </destination>          <descr>NAT eMule UDP</descr>       </rule>       <rule>          <type>pass</type>          <interface>lan</interface>          <source>             <network>lan</network>          </source>          <destination>             <any/>          </destination>          <frags/>          <descr>Default LAN -> any</descr>       </rule>       <bypassstaticroutes/>       <tcpidletimeout/>    </filter>    <shaper/>    <ipsec/>    <aliases/>    <proxyarp/>    <wol/> </m0n0wall>

So, uh, I don't really see much wrong in there. Anyways, I hate it how it makes my Hamachi and my MSN Messenger disconnect once every 15 minutes.

[Solo Ace]

I did a full configuration reset for both my WAN adapter and my m0n0wall box.

I'm leaving the default configurations active and see if the problem persists (uh crap, I just got disconnected once again, but I guess that doesn't count because it was right after I changed something on my WAN adapter).

It's actually really frustrating. I can't even have a normal conversation without getting kicked from it.
And when I'm away, I go offline, and then it automatically reconnects so people will think I come online.

Today, some idiot (who's in my list because he wants me to help him with his silly Java project) got all "fuck you then" on me because he thought I was ignoring him.
I love it how pathetic people can be when they try to express their anger. Makes me feel so warm inside!

Anyway, would Hamachi be able to cause the issue?
I disconnect every single box on my LAN except for this one. I took my VPN client down, I reset all configurations, now if it still kicks me off...

[Mine GO BOOM]

I'm going to take a wild guess, and say it has less to do with your router than other problems. Either on your computer, the modem itself, or your connection to your ISP. Having MSN reconnect, even when it is set to offline anyways, sounds like a configuration problem you have with your MSN connection. The problems you have with your friends are them being idiots (I found always be connected and not always there is so much nicer than only being connected when there). Hamachi is configured only to deal with a subset of IP ranges, and more specific certain protocols and ports. Anything else VPN wise on your machine?

Does your MSN problem happen on all machines in your network? It starting a week after you setup m0n0wall sounds a lot like software or connection problems.

[Solo@School]

A new part of the year, again, nothing to do...

[Solo Ace]

Right, I'm sick of my MSN's connection being so damn slow (file transfers seriously take ages, even with the correct settings).

I'm an idiot for running SP2 though. Yesterday a friend of mine sent me a MP3 over Messenger file transfer and it got deleted by Windows immediately after the transfer. I know there's some registry fix for it, but whatever.

Anyway, I think my Messenger's connection uptime has been better than before, the past few days. So... maybe it was just one of the settings...
But I'm changing my computer/network setup again.
I used a P4 2.4GHz box as firewall, yeah, overkill. I moved m0n0wall to a much smaller box now, AMD 1.2GHz. The P4 2.4GHz is going to be my Mac OS X box.

I don't know why, but I'm kinda starting to dislike Linux as desktop system.

[Samapico]

[Animate Dreams]

I have SP2, have since before the standard release(I got the first release that was mainly for corporations, I guess), and I haven't encountered a single problem, except for a week ago when I got BSOD'd(and actually managed to recover). If you're having files go missing, I doubt it's Windows's problem.

[Samapico]

What he's talking about (I think) is the Windows Security Center or something warning you about a "dangerous" file, and deletes it... Without giving you any choice, and no way to recover it. And there is NO way to disable this behaviour through the control panel (I had everything of Windows Security disabled, firewall, antivirus, etc.)

Ok here's the registry you need to change to fix this...
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
Add (or edit) a string value named 'LowRiskFileTypes'
put in whatever extensions you want it not to check, like:
.mp3;.wmv;.mpg;.mpeg;.jpg;.png;.zip;.rar;.txt

[Animate Dreams]

[Solo Ace]

You don't believe this? I didn't expect this to happen, but when it did I thought "Hm, yeah, guess I was right about SP2, I'm going to hate it.

Read this and read these threads/posts, like on Yedda.com - “Where can I find file deleted by Windows for security reasons?”
digg -> Does MSN Messenger delete your files?

Still don't believe it?

Yeah, it's stupid, and pisses me off.
That was indeed what I was saying.

Anyway, the connection appears to be much more stable here. I hope it'll stay that way.

[Mine GO BOOM]

If you are having problems with specific software, use different ones. Miranda, Gaim, and Trillian all support MSN fine. What they added is useful for the average users that will run anything that they get in email or IMs.

[Animate Dreams]

I still don't believe it, because I've been using MSN messenger as my main messenger program for several years now and it's never deleted anything of mine, though it did warn me about a .exe before.

[Samapico]

then you're just lucky... it happened like 10 times out of a thousand transfers or something... on both this computer and my old one.
Also, it only happens when you click 'Open' from the messenger window... So if you have the habit of going to the folder directly with explorer instead, it most likely won't happen to you

[Solo Ace]

Or Ani isn't running SP2.