Re: [Masq] Bug Report

David Ranch Sat, 09 Sep 2000 23:47:35 -0700
/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! 
/* ALSO: Don't quote this header. It makes you look lame :-) */


 >I finally "stumbled" across what was causing the problem. This problem would
 >begin as soon as I installed the ipmasqadm rpm file, and restarted my 
firewall
 >with some ipmasqadm entries in it(see below). It would not happen right away,
 >but eventually (minutes or hours), my connectivity would fail. As soon as I
 >removed ipmasqadm and the entries, then rebooted, everything would run fine
 >for months.

IPMASQADM is only a kernel controller much like IPCHAINS.  Even if
you don't use the main ipmasqadm tool, the kernel support has always
been there.

So, I take it that once you stopped configuring PORTFWed
redirections, things became more stable for you?  If so,
what exact port redirections were you doing?  Mind you,
redirecting 1024-65535 for H.323 support does NOT count.


 >My question is this, is there something wrong with my firewall entries that
 >could kill every port as soon as I install ipmasqadm, or is there a problem
 >with the program itself?

Nope.. I've had great luck with it.


 >#ipmasqadm autofw -A -r udp 2300 2400 -h 192.168.0.100
 >#ipmasqadm autofw -A -r tcp 2300 2400 -h 192.168.0.100

Ahhh.. Try it again with PORTFW support instead of AUTOFW.
You'll have to script it a little to be able to do ranges
of ports but full examples are available in the MASQ
HOWTO.

 >#ipmasqadm autofw -A -r upd 1100 7000 -h 192.168.0.100
 >#ipmasqadm autofw -A -r tcp 1100 5000 -h 192.168.0.100
 >#ipmasqadm autofw -A -r udp 47624 47624 -h 192.168.0.100

Holy cow.. this is a LOT of ports.  I wouldn't recommend
that at ALL!  What application needs something this
large?

--David
.----------------------------------------------------------------------------.
|  David A. Ranch - Linux/Networking/PC hardware         [EMAIL PROTECTED]  |
!----                                                                    ----!
`----- For more detailed info, see http://www.ecst.csuchico.edu/~dranch -----'

_______________________________________________
Masq maillist  -  [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ -- 
THIS INCLUDES UNSUBSCRIBING!
or email to [EMAIL PROTECTED]

PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
Re: [Masq] Bug Report

Reply via email to
