I just brought up my fourth RH7.3 server Friday afternoon (one of two RH7.0 servers that had been hacked-new hard drive and software). I then went home and spent a couple of hours connected to it with ssh on a workstation connected to my home RH7.3 server.

When I went to rerun a slightly modified (open ports for ftp and internal dhcp twiddling) ipchains firewall I lost the connection, and, more than 16 hours later, don't have it back.

Other relevant details. (let's call the servers Home and EFO)

Home was the other hacked server, and was formatted and rebuilt last weekend.

Home and EFO are on the same ISP and each has a block of 4 static IPs. The blocks share the first 18 bits of their IP#s.

Home could connect to EFO last night

Home now cannot connect to EFO via ssh, or access its web site. Pings are disabled on all my servers - so I can't do that test.

EFO network workstations can browse the web; I can ping out from the EFO linux box or workstations, and can ping EFO's Cisco 678 router from its Linux box

EFO workstations cannot access Home websites (but I had not tried this before since rebuilding EFO Linux box

Home Cisco 678 cannot be pinged from Home Linux box (!) or EFO (Linux or workstation), but can be pinged from my office (Linux box on other ISP). >From my office workstation I can also ssh to EFO and access EFO website (which in fact I uploaded to the new server from my office today). Does this discount the possibility of a firewall issue?

I spent countless hours talking to the ISP (Qwest) tech support, and over an hour with a senior tech who had some Linux knowledge, and he claims that it must be a configuration issue on one or both of my Home and EFO Linux boxes, since:

  He can login to both my Cisco routers and ping the other router - he claims this proves its not a Qwest routing problem.

If he's right I'm still puzzled by two things:
a) Why could I connect from Home to EFO for two hours last night, no problems?
b) Why can't the Home Linux box ping the Cisco 678 directly connected to it?

I knew nothing about routing before today - here's the Home routing table:

route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
xxx.yyy.28.48   0.0.0.0         255.255.255.248 U     0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         xxx.yyy.28.54   0.0.0.0         UG    0      0        0 eth0

I tried the following but still could not access EFO (added just the EFO IP#, not the network  block:

#route add -host xxx.yyy.26.57 dev  eth0
# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
xxx.yyy.26.57   0.0.0.0         255.255.255.255 UH    0      0        0 eth0
xxx.yyy.28.48   0.0.0.0         255.255.255.248 U     0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         xxx.yyy.28.54   0.0.0.0         UG    0      0        0 eth0

Is this enough if to decide if the tech is right or crazy? Any suggestions - I still can't access Home from/to EFO.

Dick