The LAN Adapter in the PC that is connected to the Ipfire-PC is rejected since the Update 170.
Nothing has been changed.
Every package send to or from this LAN adapter is answered by “drop Input” “drop Forward” with this “netbios dgm” message.
The IP of the LAN Adapter is 192.168.1.2 and is connected to the ipfire (192.168.1.1). The ipfire ist connected to a Fritzbox (192.168.178.1).
That has been working correctly since the Update to 170.
Are you able to look at /var/log/messages and ifconfig from a console ( directly connected,not via SSH )?
I suppose your IPFire can’t establish an internet connection using the Fritzbox ( in router mode with double NAT?).
The Computer directly connected to the ipfire (via Switch) can not Connect to the ipfire.
Not by ssh or Ping or something else.
Others PC connected (via Switch) can. (Ping working)
So I was thinking it has to do with some kind of firewall in the PC itself, but nothing has changed there.
Disabling any Security in that specific PC doesn’t change anything.
As I said: the Same configuration worked before the 170 Update.
Could you be a bit more specific about your configuration?
how are the devices connected?
how is your FW configuration?
Your smartphone( ) screenshot shows messages for red0 ( the WAN interface ) only. Are there other DROP_xxx messages on other interfaces? Is the logging on green0 and/or blue0 enabled?
I’m trying to discripe my setup.
Perhaps that helps.
Fritzbox (192.168.178.1) Routing to 192.168.178.2(ipfire Red)
Kocobox (192.168.178.231, it’s for the Telematic Infrastructure for medicine in Germany)
The Kocobox is connected to the Fritzbox.
The Fritzbox ist connected to ipfire (Red)
The PC ist connected to ipfire (via Switch, Green)
Before the Update everything was working.
The PC could connect to the Kocobox and vice versa.
Ping from Kocobox to ipfire (192.168.1.1) working!
Ping from Kocobox to Fritzbox (192.168.178.1) working!
Ping from Kocobox to PC (192.168.1.2) NOT working!
Ping from PC (192.168.1.2) to ipfire NOT working!
Ping from PC (192.168.1.2) to Kocobox NOT working!
As far I can see, you have a nearly standard configuration.
LAN ( including your PC ) connected to green0 of IPFire ( I suppose the switch is a stanard one ),
IPFire connected to WAN constructed by the Fritzbox router as gateway.
For connections initiated by the Kocobox you need a port forward rule in IPFire. The other way around should work out-of-the-box.
We do not know, whether it is the RPF strictness. But you can test it. See the threads in our forum.
For your network, it isn’t easy to help without knowledge of the exact settings.
Not knowing the configuration of the Fritzbox and the Kokobox, it would help if you could specify the functionality these devices realize in your installation and how they are configured ( in a more general manner ).
This is no offending. But my experience is, that describing of a system by the admin helps a lot ( for the helper and the admin ).
The PC runs a dental Software with IP 192.168.1.2 at the LAN Adapter.
The patient has to put his/her health insurance Card in a Orga 6141 (192.168.178.232)
The software calls the data from that card and checks online via the Kocobox (192.168.178.231) if the card ist valid and tells the software.
To avoid a more complex system setup, the Kocobox and Cardreader are installed parallel to the “Intranet” (ipfire), because there is enough security measures installed in the Kocobox, so it does not need to be behind a additional Firewall.
The Kocobox and Card Reader can comunicate without a Problem.
The Kocobox is connected “directly” to the Card reader via the Fritzbox.
As I said: there hast been no single change for the PC, the Kocobox, the Card Reader…it worked with 169.
But after the Update, the LAN Adapter can not connect to the ipfire, the Card Reader, the Kocobox, nor the Internet.
So my first thought was, that the Update caused that.
I checked and changed LAN cables etc.
Windows ist allowed to accept packages from other subnets.
Did you check the ip of the green interface after the update? On the starting page green should be listed as 192.168.1.1/24. A /32 could explain that behaviour - or a completely different ip. Though I don‘t know how your config could have been changed in an update.