Andres Seco Hernandez wrote:
>
> Are you sure you haven't any rule to stop the link when you receive that
> packet to the 224 ip address?
> Send me your filter file, if you want me to study it.
Very, very kind from you! This is the support which make free
software the only choice!
Here I attach my filter file.
I summarize my problem and why I think there my be a bug in
diald:
The connection is started by a ping from local to remote. The log
is OK with this, you see the line:
Adding connection 0x80633a0 @ 954747060 - timeout 60
The only packet received after that, is 5 seconds later from
remote to local. The packet is ignored because no rule matches
it. The log say:
filter ignored rule 0 proto 2 len 35 packet
194.247.164.195,0 => 224.0.0.2,0
Just after that the log says "Closing down idle link".
Why an ignored packet shorten the connection timeout? Didn't a
connection added by diald have to be deleted before a link is
considered idle?
Niccolo
Firenze - Italy
# /etc/diald/standard.filter Rules to keep diald link active.
#
# Version: 1.1 30-Mar-2000
#
# Author: Niccolo Rigacci <[EMAIL PROTECTED]>
#
# NOTE: diald apply the first rule that matches the packet,
# so order is critical!
#
# Also check your /etc/services for correct definition of
# services like www, https, ecc.
#--------------------------------------------------------------------
# TCP rules
#--------------------------------------------------------------------
# Time to live for the link when initiating a connection (SYN).
accept tcp 60 tcp.syn
# DNS traffic does not hold the link up.
ignore tcp tcp.dest=tcp.domain
ignore tcp tcp.source=tcp.domain
# Ignore empty packets of a live connection (i.e. not a SYN packet).
ignore tcp ip.tot_len=40,tcp.live
# HTTP and HTTPS traffic keep the link up for 2 minutes.
accept tcp 120 tcp.dest=tcp.www
accept tcp 120 tcp.source=tcp.www
accept tcp 120 tcp.dest=tcp.https
accept tcp 120 tcp.source=tcp.https
# Cut the time to live of a closed connection to 30 seconds
# and ignore the traffic of a closing connection.
keepup tcp 30 !tcp.live
ignore tcp !tcp.live
# FTP traffic keep the link up for 2 minutes.
accept tcp 120 tcp.dest=tcp.ftp
accept tcp 120 tcp.source=tcp.ftp
accept tcp 120 tcp.dest=tcp.ftp-data
accept tcp 120 tcp.source=tcp.ftp-data
# Other TCP traffic (SMTP, POP3, ...) will keep the link for 2 minutes.
accept tcp 120 any
#--------------------------------------------------------------------
# UDP rules
#--------------------------------------------------------------------
# Don't keep up the link for rwho, RIP, NTP and timed.
ignore udp udp.dest=udp.who
ignore udp udp.source=udp.who
ignore udp udp.dest=udp.route
ignore udp udp.source=udp.route
ignore udp udp.dest=udp.ntp
ignore udp udp.source=udp.ntp
ignore udp udp.dest=udp.timed
ignore udp udp.source=udp.timed
# Don't keep up the link for DNS traffic between two DNS servers.
ignore udp udp.dest=udp.domain,udp.source=udp.domain
# Keep the link for a DNS query from the resolver library.
# Note that this is the common way for starting the link.
accept udp 90 udp.dest=udp.domain
accept udp 90 udp.source=udp.domain
# Ignore NetBIOS traffic.
ignore tcp tcp.dest=tcp.netbios-ns
ignore tcp tcp.dest=tcp.netbios-dgm
ignore tcp tcp.dest=tcp.netbios-ssn
ignore tcp tcp.source=tcp.netbios-ns
ignore tcp tcp.source=tcp.netbios-dgm
ignore tcp tcp.source=tcp.netbios-ssn
ignore udp udp.dest=udp.netbios-ns
ignore udp udp.dest=udp.netbios-dgm
ignore udp udp.dest=udp.netbios-ssn
ignore udp udp.source=udp.netbios-ns
ignore udp udp.source=udp.netbios-dgm
ignore udp udp.source=udp.netbios-ssn
# Don't keep up the link for routed and gated traffic.
ignore udp tcp.dest=udp.route
ignore udp tcp.source=udp.route
# Any other UDP packet keep the link for 2 minutes.
accept udp 120 any
#--------------------------------------------------------------------
# ICMP Rules
#--------------------------------------------------------------------
# Ping packets keep the line for 60 seconds.
accept icmp 60 any
#--------------------------------------------------------------------
# Catch All Rules
#--------------------------------------------------------------------
# Any other packet keep the link for 1 minute.
# Removed! Receiving packets proto 89 every 10 seconds !!!!
# accept any 60 any
09:31:00 diald[15713]: filter accepted rule 42 proto 1 len 84 packet 192.168.254.1,0
=> 194.247.160.2,0
09:31:00 diald[15713]: Adding connection 0x80633a0 @ 954747060 - timeout 60
09:31:01 diald[15713]: Running connect (pid = 5815).
09:31:03 diald[15713]: Running pppd (pid = 5816).
09:31:03 pppd[5816]: pppd 2.3.5 started by root, uid 0
09:31:03 pppd[5816]: Using interface ppp0
09:31:03 pppd[5816]: Connect: ppp0 <--> /dev/ttyS0
09:31:04 pppd[5816]: Remote message:
09:31:04 pppd[5816]: local IP address 195.191.9.27
09:31:04 pppd[5816]: remote IP address 194.247.164.195
09:31:04 diald[15713]: New addresses: local 195.191.9.27, remote 194.247.164.195.
09:31:04 diald[15713]: Setting pointopoint route for ppp0
09:31:04 diald[15713]: Establishing routes for ppp0
09:31:04 diald[15713]: proxy arp: scanning 4 interfaces for IP 194.247.164.195
09:31:04 diald[15713]: proxy arp: examining interface lo
09:31:04 diald[15713]: proxy arp: examining interface eth0
09:31:04 diald[15713]: proxy arp: interface addr 192.168.1.1 mask ffffff00
09:31:04 diald[15713]: proxy arp: examining interface ppp0
09:31:04 diald[15713]: proxy arp: examining interface sl0
09:31:04 diald[15713]: Changed snoop device to ppp0
09:31:04 diald[15713]: running ip-up script '/etc/diald/ip-up ppp0 255.255.255.255
195.191.9.27 194.247.164.195'
09:31:05 diald[15713]: filter ignored rule 0 proto 2 len 35 packet 194.247.164.195,0
=> 224.0.0.2,0
09:31:05 diald[15713]: Closing down idle link.
09:31:05 diald[15713]: Setting pointopoint route for sl0
09:31:05 diald[15713]: Establishing routes for sl0
09:31:05 diald[15713]: proxy arp: scanning 4 interfaces for IP 192.168.254.2
09:31:05 diald[15713]: proxy arp: examining interface lo
09:31:05 diald[15713]: proxy arp: examining interface eth0
09:31:05 diald[15713]: proxy arp: interface addr 192.168.1.1 mask ffffff00
09:31:05 diald[15713]: proxy arp: examining interface ppp0
09:31:05 diald[15713]: proxy arp: examining interface sl0
09:31:05 diald[15713]: Removing routes for ppp0
09:31:05 diald[15713]: ioctl(SIOCDARP): Device not configured
09:31:05 diald[15713]: Deleting pointopoint route for ppp0
09:31:05 diald[15713]: Closed fwdfd
09:31:05 diald[15713]: Changed snoop device to sl0
09:31:05 pppd[5816]: Terminating on signal 2.
09:31:05 pppd[5816]: Connection terminated.
09:31:05 pppd[5816]: Exit.
09:31:05 diald[15713]: Setting pointopoint route for sl0
09:31:05 diald[15713]: Establishing routes for sl0
09:31:05 diald[15713]: proxy arp: scanning 3 interfaces for IP 192.168.254.2
09:31:05 diald[15713]: proxy arp: examining interface lo
09:31:05 diald[15713]: proxy arp: examining interface eth0
09:31:05 diald[15713]: proxy arp: interface addr 192.168.1.1 mask ffffff00
09:31:05 diald[15713]: proxy arp: examining interface sl0
09:31:05 diald[15713]: Closing modem line.
09:31:06 diald[15713]: running ip-down script '/etc/diald/ip-down sl0 255.255.255.255
195.191.9.27 194.247.164.195'
09:31:06 diald[15713]: Delaying 30 seconds before clear to dial.
