/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting!
/* ALSO: Don't quote this header. It makes you look lame :-) */
>I finally "stumbled" across what was causing the problem. This problem would
>begin as soon as I installed the ipmasqadm rpm file, and restarted my
firewall
>with some ipmasqadm entries in it(see below). It would not happen right away,
>but eventually (minutes or hours), my connectivity would fail. As soon as I
>removed ipmasqadm and the entries, then rebooted, everything would run fine
>for months.
IPMASQADM is only a kernel controller much like IPCHAINS. Even if
you don't use the main ipmasqadm tool, the kernel support has always
been there.
So, I take it that once you stopped configuring PORTFWed
redirections, things became more stable for you? If so,
what exact port redirections were you doing? Mind you,
redirecting 1024-65535 for H.323 support does NOT count.
>My question is this, is there something wrong with my firewall entries that
>could kill every port as soon as I install ipmasqadm, or is there a problem
>with the program itself?
Nope.. I've had great luck with it.
>#ipmasqadm autofw -A -r udp 2300 2400 -h 192.168.0.100
>#ipmasqadm autofw -A -r tcp 2300 2400 -h 192.168.0.100
Ahhh.. Try it again with PORTFW support instead of AUTOFW.
You'll have to script it a little to be able to do ranges
of ports but full examples are available in the MASQ
HOWTO.
>#ipmasqadm autofw -A -r upd 1100 7000 -h 192.168.0.100
>#ipmasqadm autofw -A -r tcp 1100 5000 -h 192.168.0.100
>#ipmasqadm autofw -A -r udp 47624 47624 -h 192.168.0.100
Holy cow.. this is a LOT of ports. I wouldn't recommend
that at ALL! What application needs something this
large?
--David
.----------------------------------------------------------------------------.
| David A. Ranch - Linux/Networking/PC hardware [EMAIL PROTECTED] |
!---- ----!
`----- For more detailed info, see http://www.ecst.csuchico.edu/~dranch -----'
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ --
THIS INCLUDES UNSUBSCRIBING!
or email to [EMAIL PROTECTED]
PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.