Hi!
Well, the thing is quite weird, I believe I have followed all the
instructions but it doesn't work :-(
The strange is that it works for ftp, irc, telnet, web, ... if I split the
local network on two and masquerade between the two subnets, but it
doesn't masquerade ok when I'm on the internet, I'll explain it all now.
OK, let's simplify it, I have two machines, 192.168.1.1 (named 1 here on)
wich is the one that does the masquerading and 192.168.1.2 (2) wich is the
one that should be masqueraded.
I have simplified the routing stuff to see if it was that, bu even with
this simple routing it won't work:
2 has got the loopback entry plus:
default 192.168.1.1 0.0.0.0 UG 1 0 3 eth0
1 has got the loopback entry plus:
192.168.1.0 * 255.255.255.0 U 0 0 1 eth0
and the default that ppp adds!
The cards are configured this way:
1: eth0 inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
2: eth0 inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0
The kernel is compiled with:
CONFIG_FIREWALL=y
CONFIG_INET=y
CONFIG_IP_FORWARD=y
CONFIG_SYN_COOKIES=y
CONFIG_IP_FIREWALL=y
CONFIG_IP_FIREWALL_VERBOSE=y
CONFIG_IP_MASQUERADE=y
CONFIG_IP_MASQUERADE_ICMP=y
CONFIG_IP_ALWAYS_DEFRAG=y
I use this lines at startup to setup the masquerading:
ipfwadm -F -p deny
ipfwadm -F -a m -S 192.168.0.0/16 -D 0.0.0.0/0 -o
I load all the modules: ip_masq_vdolive, ip_masq_quake, ip_masq_ftp,
ip_masq_raudio, ip_masq_irc, ip_masq_cuseeme
On the tests that I've done I have been able to telnet to an old linux
machine with slackware 2.X but not to a solaris machine (after entering
the password I didn't get anything else!), the ftp on that old linux box
also worked (wu-ftpd) but on newer linux machines (ProFTPD) it didn't, the
irc didn't work, http neither, ... the only ones that worked perfectly
were icmp based tests!
Well, I don't have a clue on this, can anybody tell me any ideas of how to
trace this! I'm sure that I have done something wrong, but I don't know
were, If you need more info on my setup just ask!
The weird thing is that it works perfectly if I masquerade in my
local network! But of course I need it to masquerade the localnet on the
internet, and I really need it working!
Thanks in advance!
Manty/BestiaTester -> http://www.mantianito.ddns.org
See you in October at the Arroutada Party!
Visit our web http://www.arroutada.ddns.org
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]
