No connection tracking module is loaded, is there one for Zoom?
April 10, 2020 3:14 PM, "Louis Kowolowski" <[email protected]> wrote: > RFC1918 172.16.0.0/12 does *not* include 172.217.6.10. The range is > 172.16.0.0-172.31.255.255. > > I suspect you are correct about UDP not getting through. Seems likely some > kind of connection > tracking/keep-state isn’t working the way you want. Are you doing any kind of > keep-state for your > UDP traffic? > >> On Apr 10, 2020, at 3:03 PM, [email protected] wrote: >> >> I've done apt-get purge network-manager, because something is screwing up >> the routing... >> >> I have a dynamic IP address through Spectrum cable and I'm thinking that I >> need to do something >> special to make masquerading with a dynamic ip work? >> >> The firewall needs to track the IP if say the lease expires and I get a >> different one... >> >> Zoom video conferencing is not working through my Debian firewall. Maybe I'm >> not allowing all the >> packets to get through... >> >> The video freezes and stays frozen. I suspect UDP isn't getting through. >> Thing is, why would a >> forward packet be from the outside >> interface out the outside interface with the destination IP address being >> local? I don't think this >> is supposed to happen. >> >> FORWARD will drop: IN=eth2 OUT=eth2 SRC=172.217.6.10 DST=192.168.254.32 >> PROTO=TCP SPT=443 DPT=49681 >> ... >> >> The above seems like something that should be dropped because RFC1918 >> addresses aren't reached via >> the Internet side interface which eth2 is. >> >> # ip route list >> default via 96.42.208.1 dev eth2 >> default via 192.168.254.1 dev eth0 proto dhcp <- WRONG src 192.168.254.52 >> metric 202 >> default via 96.42.212.1 dev eth2 proto dhcp src 96.42.214.23 metric 204 mtu >> 1500 >> 96.42.208.0/22 dev eth2 proto kernel scope link src 96.42.210.76 >> 96.42.212.0/22 dev eth2 proto dhcp scope link src 96.42.214.23 metric 204 >> mtu 1500 >> 192.168.253.0/24 dev eth1 proto kernel scope link src 192.168.253.1 linkdown >> 192.168.254.0/24 dev eth0 proto dhcp <- WRONG scope link src 192.168.254.52 >> <- WEIRD metric 202 >> >> michael@filter:~$ cat /etc/network/interfaces >> # This file describes the network interfaces available on your system >> # and how to activate them. For more information, see interfaces(5). >> >> source /etc/network/interfaces.d/* >> >> # The loopback network interface >> auto lo >> iface lo inet loopback >> >> auto eth0 >> iface eth0 inet static >> address 192.168.254.1 >> netmask 255.255.255.0 >> >> auto eth1 >> iface eth1 inet static >> address 192.168.253.1 >> netmask 255.255.255.0 >> >> auto eth2 >> iface eth2 inet dhcp >> >> auto eth0:any1 >> iface eth0:any1 inet static >> address 8.8.8.8 >> netmask 255.255.255.255 >> >> auto eth0:any2 >> iface eth0:any2 inet static >> address 8.8.8.4 >> netmask 255.255.255.255 >> >> auto eth1:any1 >> iface eth1:any1 inet static >> address 8.8.8.8 >> netmask 255.255.255.255 >> >> auto eth1:any2 >> iface eth1:any2 inet static >> address 8.8.8.4 >> netmask 255.255.255.255 >> michael@filter:~$ >> >> Maybe my interfaces file shouldn't be using auto??? The interfaces eth0 and >> eth1 should be static >> configured. The eth2 interface is hooked to the cable modem. >> _______________________________________________ >> PLUG mailing list >> [email protected] >> http://lists.pdxlinux.org/mailman/listinfo/plug > > -- > Louis Kowolowski [email protected] <mailto:[email protected]> > Cryptomonkeys: http://www.cryptomonkeys.com <http://www.cryptomonkeys.com> > > Making life more interesting for people since 1977 > > _______________________________________________ > PLUG mailing list > [email protected] > http://lists.pdxlinux.org/mailman/listinfo/plug _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
