I use an ISDN line with connection times being 10 sec. The packets that get buffered by diald have already passed through the firewall. When they are forwarded to the new interface when it comes up, they do not pass through the firewall, so they cannot be masqueraded. The result is initial connection attempts that trigger diald to dial fail, at least thats what happens with win95 apps. Only two SYNs about three seconds apart generally occur from the win95 apps I have tcpdumped. Sure would be nifty if the buffered packets could be sent through the firewall again like using localhost interface. I wonder how hard that would be to do, sending them maybe using netif_rx (). Comments welcome, please... Due to the current manner they are forwarded, I do not buffer as I am masquerading all. The ip-dynamic thing helps with the local Linux box, but it changes the ip source on new packets, not the buffer. No help for clients on other boxes though. -------------------------------------------------- Stan A. Rogge mailto:[EMAIL PROTECTED] http://www.rogge.net ftp://ftp.rogge.net -------------------------------------------------- - To unsubscribe from this list: send the line "unsubscribe linux-diald" in the body of a message to [EMAIL PROTECTED]
