I have upgraded to kernel 2.2.5. Since doing so my diald connection does not come up when I open Netscape. I am using Squid and the link comes only seems to come up when I try and ping an ip address. So it appears to me that diald is not bringing the connection up with DNS requests. I did not change any of my diald settings since upgrading. This is what I am doing for ipchains with my rc.firewall file. This is probably not a very secure system, but I am still trying to get it to work right, then I will attempt to tighten things up. #!/bin/sh # # rc.firewall - Initial SIMPLE IP Masquerade test for 2.1.x and 2.2.x kernels # using IPCHAINS # Load all required IP MASQ modules # # NOTE: Only load the IP MASQ modules you need. All current IP MASQ modules # are shown below but are commented out from loading. # Needed to initially load modules # /sbin/depmod -a # Supports the proper masquerading of FTP file transfers using the PORT method # /sbin/modprobe ip_masq_ftp # Supports the masquerading of RealAudio over UDP. Without this module, # RealAudio WILL function but in TCP mode. This can cause a reduction # in sound quality # /sbin/modprobe ip_masq_raudio # Supports the masquerading of IRC DCC file transfers # /sbin/modprobe ip_masq_irc # Supports the masquerading of Quake and QuakeWorld by default. This modules # is for for multiple users behind the Linux MASQ server. If you are going to # play Quake II and/or Quake I/II on other server ports, use the second # example. # #Quake I / QuakeWorld (ports 26000 and 27000) #/sbin/modprobe ip_masq_quake # #Quake I / QuakeWorld / and Quake II (ports 26000, 27000, 27910) #/sbin/modprobe ports=ip_masq_quake 26000,27000,27910 # Supports the masquerading of the CuSeeme video conferencing software # #/sbin/modprobe ip_masq_cuseeme # Supports the masquerading of the VDO-live video conferencing software # #/sbin/modprobe ip_masq_vdolive # CRITICAL: Enable IP forwarding since it is disabled by default since # # Redhat Users: you may try changing the options in # /etc/sysconfig/network from: # # FORWARD_IPV4=false # to # FORWARD_IPV4=true # echo "1" > /proc/sys/net/ipv4/ip_forward # Dynamic IP users: # # If you get your IP address dynamically from SLIP, PPP, or DHCP, enable # this following option. This enables dynamic-ip address hacking in IP MASQ, # making the life with Diald and similar programs much easier. # #echo "1" > /proc/sys/net/ipv4/ip_dynaddr # MASQ timeouts # # 2 hrs timeout for TCP session timeouts # 10 sec timeout for traffic after the TCP/IP "FIN" packet is received # 160 sec timeout for UDP traffic (Important for MASQ'ed ICQ users) # ipchains -M -S 7200 10 60 # Enable simple IP forwarding and Masquerading # # NOTE: The following is an example for an internal LAN address in the # 172.16.1.x network with a 255.255.255.0 or a "24" bit subnet mask. # # Please change this network number and subnet mask to match your internal # LAN setup # ipchains -P input ACCEPT ipchains -P forward REJECT #ipchains -A forward -p TCP -d any/0 www -j MASQ #ipchains -A forward -p TCP -d any/0 ftp -j MASQ #ipchains -A forward -p TCP -d any/0 nntp -j MASQ #ipchains -A forward -p TCP -d any/0 domain -j MASQ #ipchains -A forward -p ICMP -d any/0 -j MASQ #ipchains -A forward -p UDP -d any/0 domain -j MASQ ipchains -A forward -s 172.16.1.0/24 -j MASQ # DHCP: For people who receive their external IP address from either DHCP or # BOOTP such as ADSL or Cablemodem users, it is necessary to use the following # before the deny command. The "bootp_client_net_if_name" should be replaced # the name of the link that the DHCP/BOOTP server will put an address on to? # This will be something like "eth0", "eth1", etc. # # This example is currently commented out. # # #ipchains -A input -j ACCEPT -w bootp_clients_net_if_name -s 0/0 68 -d 0/0 67 - # p udp Thanks -- Keith [EMAIL PROTECTED] Linux http://www.linux.org - To unsubscribe from this list: send the line "unsubscribe linux-diald" in the body of a message to [EMAIL PROTECTED]
