Thanks. However, the problem has been solved. It turned out to be
"diald" that was interfering. I looked in the /var/log/warn and
/var/log/messages, and found this:
Nov 18 18:00:38 sophia diald[110]: failed to set terminal attributes:
Invalid argument
Nov 18 18:00:39 sophia diald[110]: failed to set terminal attributes:
Invalid argument
Nov 18 18:00:39 sophia chat[2475]: Can't set terminal parameters:
Invalid argument
Nov 18 18:00:39 sophia chat[2475]: Can't restore terminal parameters:
Invalid argument
Nov 18 18:00:59 sophia last message repeated 190007 times
Nov 18 18:00:59 sophia diald[110]: child process 2475 terminated with
signal 11
Nov 18 18:00:59 sophia chat[2475]: Can't restore terminal parameters:
Invalid argument
Nov 18 18:00:59 sophia last message repeated 559 times
Nov 18 18:05:59 sophia syslogd: exiting on signal 15
I have no idea why diald makes trouble under 2.1.128 but not under the
2.0.35 kernel. I don't need diald on that machine, since it has an
ethernet connection. So I turned diald off and rebooted it. Suddenly,
everything is working they way it's supposed to!
Thanks much for your suggestions. I had no reason for using the '15' in
that address. It's just what I choose to call my home machine when I
dial in. (It's the only machine using masqerade.)
Wes
Fuzzy Fox wrote:
>
> Wes Morriston <[EMAIL PROTECTED]> wrote:
> >
> > > > ipchains -P forward DENY
> > > > ipchains -A forward -j MASQ -s 192.168.0.15/24 -d 0.0.0.0/0
>
> My rules are very much like yours:
>
> /sbin/ipchains -P forward REJECT
> /sbin/ipchains -A forward -s 192.0.2.0/24 -i ppp+ -j MASQ
>
> My rules work. If your rules don't, there must be some silly reason for
> it. :)
>
> The main thing I notice is that you have the source address with
> 192.168.0.15/24. What is that .15 for? That isn't the network address;
> the network address should have all zero's in the host portion. I don't
> know if that's causing your problem, but you might try changing it; it
> shouldn't make a difference.
>
> I also don't specify a -d parameter at all, since that doesn't matter.
> I do specify the interface, though, because I only want to masquerade
> connections routing through PPP. However, this only restricts the
> masquerade further, so it shouldn't make your situation any different.
>
> Try playing with the options and the IP address to see if that makes a
> difference.
>
> --
> [EMAIL PROTECTED] (Fuzzy Fox) || "Nothing takes the taste out of peanut
> sometimes known as David DeSimone || butter quite like unrequited love."
> http://www.dallas.net/~fox/ || -- Charlie Brown
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> For daily digest info, email [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]
