[EMAIL PROTECTED] wrote:
> Message: 1
> Date: Mon, 08 Mar 2004 22:36:00 +0000
> From: "Michael Holloway" <[EMAIL PROTECTED]>
> Subject: [Masq] Only web forwarding not working
> To: [EMAIL PROTECTED]

[snip]

> I've had the Linux Masquerade Resource (http://www.e-infomax.com/ipmasq/)
> "stronger" firewall and forwarding script working with a Redhat 7.5 2.4
> kernel for several years now without any problem. A week ago all web
> browser connections from my masqed PCs stopped working. FTP, ping, SSH, all
> work, the connections are forwarded, but web requests get no connection.
> The masqing linux box plugged into the cable modem has no problem with the
> web, and when I take the linux box out of the circuit and hook a Windows
> machine up directly (after configuring TCP/IP) it has no problem either.
> I'm stumped.

I'm missing something here: you said '*a* Windows machine'. Is the Windows box (call it 'W(k)') the machine that cannot http? I have to get the nouns correctly associated with the verbs and adjectives.

Is it...

PC(i) --http--> Gateway(RH7.5) ---> cableModem   <<== No Joy?
W(k)  --http----------------------> cableModem   <<== Big Joy?

...where i=1,N by +1.
...and k=M, with M inclusively between 1 and N.
...i.e., W(k) == PC(k)

Yeah, rereading your msg, that's what you're saying. Which implies that the problem is in the Gateway(RH7.5). That's good work :-).

The problem needs more information, more data. We know that the problem is port:80 sensitive. Presumably the router is not port-number savvy, and can be set aside, as can the rest of the stack. But we need to determine what's going on in the gateway/firewall state-machine.

So we need to locate where in the firewall/gateway that the PC(i=test) http packets are dropping on the floor. How far thru the chains/table/queues do they make it?

So, turn on Gateway syslogging for the packets to/from PC(i=test) as they pass thru your firewall/gateway ruleset.
And make sure you're logging *all* packets (tcp+udp) to *and* from PC(test) that pass through the Gateway(RH7.5).

Instrument ALL of the queues. I dunno (yet) about iptables. But, for /sbin/ipchains (RH7.0), with which I'm familiar, that'd be the {input,output,forward} chains. Again, (conditionally?) insert a *promiscuous logging* rule for all http:80 packets at the front of each queue.

It would be a bit easier if your firewall/gateway scripts were "restartable". Doing this kind of thing manually is a pain in the owie.

Then run a '/bin/tail -f /var/log/messages' on the Gateway(RH7.5), while you carefully PC(test) http/browse a sparse website like http://www.google.com or a known '404' website. Keeps from flooding the logs. Maybe try http://localhost:80 if you've got Apache up ;-).

That should light up the logs for all of the Gateway instrumented queues! Tell us what you get :-).

Just unplug the Gateway from the cable modem while you clean up the promiscuous mods mess :-).

Maybe post your iptables(?) ruleset - the numeric tables, not the script that generates the tables. No need to post your routes if you can ping from PC(test) thru Gateway(RH7.5) to http failing websites.

> I've switched around ethernet cards too, and tried the
> "weaker" script, without any change. What could have happened? Is there
> any way my provider (Roadrunner) could know when a http request is coming
> from a masqed PC? Is there a specific module handling http requests that I
> can try replacing? Can I check to see if the http port is blocked?
>
> Thanks,
> Mike Holloway

Thanks for the fun problem :-).

--
John Todd
"Remember to always whittle with the blade arcing AWAY from your body parts. Just a suggestion."
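
The logging step described in the reply above for /sbin/ipchains, written out as an added example that is not part of the original post: a "restartable" generator that prints the commands to insert a log-only port-80 rule at the front of the input, output and forward chains, and the matching commands to remove them. The function name `gen_log_rules` and the default of matching any host (0/0) are assumptions of this example.

```shell
#!/bin/sh
# Added example: emit ipchains commands that log every port-80 packet at the
# front of each chain. Commands are printed, not run; review them, then pipe
# the output to "sh" as root on the gateway.

CHAINS="input output forward"
PROTOS="tcp udp"
HTTP_PORT=80

# gen_log_rules add|del [host]   (hypothetical helper name)
#   add  -> insert each rule at position 1 of its chain (-I chain 1)
#   del  -> delete the same rule by specification (-D chain)
#   host -> address to match; the default 0/0 matches any host, which also
#           catches the masqueraded legs that carry the gateway's own
#           external address instead of the PC's.
gen_log_rules() {
    action=$1
    host=${2:-0/0}
    case "$action" in
        add) flag=-I; pos=" 1" ;;
        del) flag=-D; pos="" ;;
        *)   echo "usage: gen_log_rules add|del [host]" >&2; return 2 ;;
    esac
    for chain in $CHAINS; do
        op="$flag $chain$pos"
        for proto in $PROTOS; do
            # No -j target: the rule only counts and logs (-l), so the
            # packet carries on to the rest of the ruleset unchanged.
            # Request direction: host -> any:80
            echo "/sbin/ipchains $op -p $proto -s $host -d 0/0 $HTTP_PORT -l"
            # Reply direction: any:80 -> host
            echo "/sbin/ipchains $op -p $proto -s 0/0 $HTTP_PORT -d $host -l"
        done
    done
}
```

After sourcing the file, `gen_log_rules add | sh` instruments the chains before the test browse and `gen_log_rules del | sh` removes the same rules afterwards.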
