/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! /* ALSO: Don't quote this header. It makes you look lame :-) */
[masq-demasq patch] > > As you can see in line 2/3 the demasq patch works perfectly. > > But in line 4 there's the error and I don't know how to solve it. > > My masq box "replies" with the IP address "172.16.1.123" instead > > of the external IP address -> TCP reset. > > Maybe this is a kernel 2.2.19 issue. > > the patch was written for 2.2.13. > maybe something important has changed since then. > you'd better ask michael about this ([EMAIL PROTECTED]). > did it apply cleanly? He helped me a lot, but I ended up debugging the kernel for several hours. The TCP checksums (at least in 2.2.19) for re-masqueraded packets are wrong and so the packets get dropped. I was going crazy because everything worked perfectly while running tcpdump in the background :o) But this is easy to explain: TCP "hardware" checksums get disabled while running tcpdump and so the checksums are recalculated. I've sent my kernel patch to him, but I don't know if he will include it. > > Any help is appreciated as I've already spent two days on this :-( > > a workaround is to use split dns zones where internal hosts > use a dns server that maps the name of 213.7.16.210 to the > address 172.16.1.2. I know, but I don't like this dirty hack. IP address redirections should be done by masquerading/firewall and not DNS. cheers, Thomas. _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
