Re: [Masq] RealEncoder masqing

Tom Marshall Sun, 09 Sep 2001 20:52:42 -0700
/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! 
/* ALSO: Don't quote this header. It makes you look lame :-) */


For the 2.2.x series, I would certainly be delighted if the module made it
into the official kernel.  I am not convinced that it is 100% stable yet,
but it seems to work well for low traffic situations.  I say this because a
certain company uses a masquerading firewall for approx. 1000 users and I
convinced the network administrator to try my module out on the machine.  It
worked fine, but the machine seemed to start having kernel panics every few
weeks for no apparent reason.  It may or may not have been related to my
module -- it's very difficult to debug kernel panics in a production system.

I will probably port the module to iptables when I upgrade my firewall to
2.4.x.  Unfortunately, I don't have any reason to upgrade my firewall yet. 
Perhaps if the Debian team drops support for 2.2 kernels in Woody... ;-)
Again, it would be nice if the code found its way into the official
kernel... but first someone needs to port it.

On Sun, Sep 09, 2001 at 06:44:50PM -0700, David Ranch wrote:
> 
> Hey Tom,
> 
> Any plans to submit this to be included in the next version
> of the 2.2.x kernels?  Any plans to port it to 2.4.x kernels
> as this is sorely missing today.
> 
> --David
> 
> 
> >It is a complete rewrite of the module.  The major functional difference is
> >that my module does not support PNA (an old pre-G2 binary protocol) but
> >attempts to do RTSP as correctly as possible.  By correct, I mean that the
> >module replaces the client_port in both directions.  All previous modules
> >"leak" the masq box's allocated port back to the client like this:
> >
> >C->S: Transport: RTP/AVP/UDP;client_port=6970-6971
> >(masq module replaces client_port with something like 60246-60247)
> >S->C: Transport: 
> RTP/AVP/UDP;client_port=60246-60247;server_port=10026-10027
> >
> >My module will replace the client_port with the original values before
> >sending the reply back to the client.  Others don't.

_______________________________________________
Masq maillist  -  [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ -- 
THIS INCLUDES UNSUBSCRIBING!
or email to [EMAIL PROTECTED]

PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
Re: [Masq] RealEncoder masqing

Reply via email to
