/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! */
I believe the http secure port (https) is 443. You can check your
/etc/services file to confirm this. Are you allowing both inbound and
outbound 443? If your firewall isn't explictly allowing this port, https
transfers will fail, AFAIK.
I am on a nearly identical setup (masqing firewall on DSL) and am having no
trouble whatsoever. I just confirmed that secure pages work, in fact.
What kernel version are you running? If you are in the 2.2 series, do make
sure to update to 2.2.11, as it corrected numerous problems with masq.
Okay... now I have a question for the list. :-) I signed up about a week
ago and have been lurking a bit. I saw the tail end of a conversation that
looks applicable, but the specific remedies there didn't seem to help.
I am having odd trouble initiating dcc chats from behind a 2.2.11 masqing
firewall with the irc module installed. It doesn't seem related to the
firewall part, because even if I set up ONLY masquerading without
firewalling, it often doesn't work. What's particularly annoying is that
some nights, it DOES work, perfectly, time after time... but other nights it
fails miserably. And this is with all the firewalling in place, not just
masqonly. The remote person sees the dcc chat request and responds in the
affirmative, but that agreement never makes it back to my console. I
have tried to duplicate the problem by running an ircII client on an outside
machine, but I have never been able to cause a failure between myself on
mIRC behind the firewall and myself on ircII outside it. My failures have
been with an eggdrop bot and with mIRC users.
I have tried limiting the dcc ports in MIRC to a specific range, as was
suggested in the last message on the list, and have also added a line in
rc.local to specify 'ports=6666...6669, 7000' for the irc masquerading
module. Neither setting seems to have directly changed any of the symptoms.
I even opened up the firewall to allow connections on those ports: no change
in symptoms. I really don't think it's a firewall problem anyway.
If it will help, I have another linux box on the same external net with the
firewall, and I can do tcpdumps. I'm not very good at reading them, so I
haven't spent much time snooping myself... can anyone give me a pointer as
to what I should be looking for? And can anyone recommend a good sniffing
utility?
<<RON>>
----- Original Message -----
From: William R McLain <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, August 18, 1999 11:48 PM
Subject: [Masq] Secure Web site access
>
> Hello,
> I am a relatively new Linux user but have still managed to find most of
the
> information that I need. I am running a private network with 2 Win95
> computers and a Linux box. The Linux box is being used as a
> server/firewall for my internet connection which is a DSL line. I have
> configured my firewall in a standard format to allow for IP masquerading
> and disallowing spoofing and access from outside.
>
> Everything seems to work OK, but I have noticed that I am unable to access
> secure web servers for secure transactions. I have looked at all the
> HOWTO's and looked through this list's archives but I have not found
> anything pertaining to problems of this type. Does anyone know about
this,
> and if so, where could I find information about it?
>
> Thanks for whatever help anyone can give me.
>
> William McLain
>
>
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/
or email to [EMAIL PROTECTED]
PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
