/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! /* ALSO: Don't quote this header. It makes you look lame :-) */ Hello Michael, Thanks for your help. I was hoping for something simpler than that. I used 10.10.10.10 as a hypothetical internet address. Let say its 216.111.222.333. I am able to telnet and ping to 216.111.222.333. But I cannot ftp and http to this address from my internal masqed hosts. Any help is appreciated. Regards, Vernon >From: "Michael Best" <[EMAIL PROTECTED]> >To: Nik T <[EMAIL PROTECTED]> >Subject: [Masq] Why am I not able to connect to the external address from >internal masqed PCs? >Date: Thu, 06 Jul 2000 22:10:49 EDT >MIME-Version: 1.0 >Received: from [216.189.8.110] by hotmail.com (3.2) with ESMTP id >MHotMailBB2E86710084D820F3ACD8BD086E04CC0; Thu Jul 06 19:07:46 2000 >Received: from com.org (com.org [216.189.13.22])by ru3.servadmin.com >(8.9.3/8.9.3) with SMTP id WAA06869for <[EMAIL PROTECTED]>; Thu, 6 Jul >2000 22:14:01 -0400 >From [EMAIL PROTECTED] Thu Jul 06 19:10:35 2000 >Message-id: <[EMAIL PROTECTED]> >In-reply-to: <[EMAIL PROTECTED]> > >On 07 Jul 2000, Nik T wrote: > > > Why am I not able to connect to the external address from internal >masqed > > PCs? > >If you are using portfw or mfw this will not work unless you modify the >kernel. I've written a patch which you can download at >http://www.com.org/~michael/masq-demasq.zip. Save it in /usr/src as >masq-demasq.patch and run "patch -l -p0 <masq-demasq.patch" from there. >This >patch basically allows "de-masqed" packets to be "masq-ed" again. Thus it >checks the forward chain even when packets have been de-masqed. However, it >ignores "DENY" or "REJECT" targets. Thus your MASQ rule should be based >only >on the source address and not on the destination interface or address. > >-- Michael Best > ________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
