Hi all,
I've applied Michael Best's masq-demasq patch to kernel 2.2.19
to make internal port forwarding possible.
Here is my session log:
Client: 172.16.1.247
Masq-Box: 172.16.1.123 (eth1) / External: 213.7.16.210 (ppp0)
WWW-Server: 172.16.1.2
ipmasq portfw -l output:
prot localaddr     rediraddr   lport rport pcnt pref
TCP  213.7.15.210  172.16.1.2     80    80   10   10
ipchains -L output:
Chain forward (policy ACCEPT: 1441 packets, 591260 bytes):
pkts bytes target prot opt    tosa tosx ifname mark outsize source        destination  ports
   0     0 MASQ   all  ------ 0xFF 0x00 *                   172.16.0.0/16 0.0.0.0/0    n/a
Chain input (policy DENY: 0 packets, 0 bytes):
pkts bytes target prot opt    tosa tosx ifname mark outsize source        destination  ports
 101  4506 ACCEPT tcp  ------ 0xFF 0x00 *                   0.0.0.0/0     213.7.15.210 * -> 80
route -n output:
Kernel IP routing table
Destination    Gateway        Genmask          Flags Metric Ref Use Iface
62.104.220.43  0.0.0.0        255.255.255.255  UH    0      0   0   ppp0
172.16.1.123   0.0.0.0        255.255.255.255  UH    0      0   0   eth1
172.16.0.0     0.0.0.0        255.255.0.0      U     0      0   0   eth1
127.0.0.0      0.0.0.0        255.0.0.0        U     0      0   0   lo
0.0.0.0        62.104.220.43  0.0.0.0          UG    0      0   0   ppp0
tcpdump of failing session:
15:34:55.163739 eth1 < 172.16.1.247.1273 > 213.7.15.210.www: S 3159403988:3159403988(0) win 16384 <mss 1460,nop,nop,sackOK> (DF)
15:34:55.163935 eth1 > 172.16.1.123.61167 > 172.16.1.2.www: S 3159403988:3159403988(0) win 16384 <mss 1460,nop,nop,sackOK> (DF)
15:34:55.164107 eth1 < 172.16.1.2.www > 172.16.1.123.61167: S 13776300:13776300(0) ack 3159403989 win 8760 <mss 1460> (DF)
15:34:55.164232 eth1 > 172.16.1.123.www > 172.16.1.247.1273: S 13776300:13776300(0) ack 3159403989 win 8760 <mss 1460> (DF)
15:34:55.164328 eth1 < 172.16.1.247.1273 > 172.16.1.123.www: R 3159403989:3159403989(0) win 0
15:34:55.164369 eth1 > 172.16.1.123.61167 > 172.16.1.2.www: R 3159403989:3159403989(0) win 0
As you can see in line 2/3 the demasq patch works perfectly.
But in line 4 there's the error and I don't know how to solve it.
My masq box "replies" with the IP address "172.16.1.123" instead
of the external IP address -> TCP reset.
Maybe this is a kernel 2.2.19 issue.
Any help is appreciated as I've already spent two days on this :-(
Thanks in advance,
Thomas.
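
The failure reported in the message above can be checked mechanically. The following is an added example, not part of the original post: it parses the posted tcpdump lines (line wraps rejoined) and flags any SYN-ACK whose source endpoint is not the endpoint the initiator sent its SYN to. The function name `find_mismatched_replies` is hypothetical.

```python
import re

# Trace lines copied from the post; the mail client's line wraps are rejoined.
TRACE = """\
15:34:55.163739 eth1 < 172.16.1.247.1273 > 213.7.15.210.www: S 3159403988:3159403988(0) win 16384 <mss 1460,nop,nop,sackOK> (DF)
15:34:55.163935 eth1 > 172.16.1.123.61167 > 172.16.1.2.www: S 3159403988:3159403988(0) win 16384 <mss 1460,nop,nop,sackOK> (DF)
15:34:55.164107 eth1 < 172.16.1.2.www > 172.16.1.123.61167: S 13776300:13776300(0) ack 3159403989 win 8760 <mss 1460> (DF)
15:34:55.164232 eth1 > 172.16.1.123.www > 172.16.1.247.1273: S 13776300:13776300(0) ack 3159403989 win 8760 <mss 1460> (DF)
15:34:55.164328 eth1 < 172.16.1.247.1273 > 172.16.1.123.www: R 3159403989:3159403989(0) win 0
15:34:55.164369 eth1 > 172.16.1.123.61167 > 172.16.1.2.www: R 3159403989:3159403989(0) win 0
"""

# time, interface, direction, src endpoint, dst endpoint, TCP flags, remainder
LINE = re.compile(r"^(\S+) (\S+) ([<>]) (\S+) > (\S+): (\S+)(.*)$")


def find_mismatched_replies(trace):
    """Return (time, client, expected_src, actual_src) for each SYN-ACK whose
    source endpoint differs from the endpoint the client sent its SYN to."""
    syn_target = {}   # initiator endpoint -> endpoint it addressed
    mismatches = []
    for raw in trace.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        time, _iface, _dir, src, dst, flags, rest = m.groups()
        if flags != "S":
            continue                      # only handshake segments matter here
        if " ack " not in rest:
            syn_target[src] = dst         # plain SYN: remember who was addressed
        elif dst in syn_target and syn_target[dst] != src:
            # SYN-ACK from an endpoint the initiator never addressed: its TCP
            # stack has no matching connection and answers with a reset.
            mismatches.append((time, dst, syn_target[dst], src))
    return mismatches


if __name__ == "__main__":
    for time, client, expected, actual in find_mismatched_replies(TRACE):
        print(f"{time} {client}: expected SYN-ACK from {expected}, got {actual}")
```

On the posted trace this reports only the fourth packet; the server-side leg (packets 2 and 3) passes the same check.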