>For some clients, parts of the Internet disappear. you can't ping, ftp,
>or http to some
>adresses, while to others you can.
>When I reboot my masq-gate, everything seems to turn back to normal.
Few Qs:
What linux kernel version?
IPFWADM or IPCHAINS?
Send a cop
>I have set up a linux box to connect our local win95(sorry) network to
>internet via a slip connection using a cable modem.
Are you really running SLIP on-top of a TCP/IP enabled cablemodem?
Any reason why? VPN.. of sorts?
>Proto Recv.-Q Send-Q Local AddressForeign Address
S
>Is there such a list
>that these topics could be taken to, so that they receive the wider
>audience that they deserve? Or if there is no such list, is there any
>interest in creating one?
Not that I'm aware of. There are a lot of Linux newsgroups out there
but I don't frequent them at all.
I
I need to forward port 81 from the masq machine to a windows machine on my
local lan. The server software that i need to run is avail only on the
windows platform, no unix variations yet...
i did the following
ipautofw -A -r tcp 81 81 -h 192.168.1.102
ipautofw -A -r udp 81 81 -h 192.168.1.102
a
On 11 Feb 99, at 11:36, David A. Ranch wrote about
"[masq] How a firewall works...":
|...
| Now, I don't want to confuse you more but you might be thinking
| that letting in ALL high ports back into your Linux box is
| a BAD thing.
|
| You know what?.. YOUR RIGHT!
|...
Why, exactly?
I have forwarding working with everything I need but gre over ip. I compiled with
this option, and think that I have all the modules I need loaded.
I sniffed on an attempted connection to a VPN server, and see that the gre are the
only packets not being masqueraded. Does any one know of the s
Hey Guys..
Recently I've been getting these packet logs to a friend
of mine's machine:
--
Feb 10 23:22:59 trinity2 kernel: IP fw-out deny eth0 ICMP/3 192.168.0.1
24.0.75.172 L=106 S=0xD0 I=24193 F=0x T=64
Feb 10 23:23:02 trinity2 kernel: IP fw-out deny eth0 ICMP/3 192.168.0.1
24.0.75.172 L=
Gerd Foerster <[EMAIL PROTECTED]> wrote:
>
> I'm a bit confused about what port mode and passive mode is.
In normal port-mode FTP, the client asks the server to make a connection
back to it, on a port chosen by the client, in some high-port range.
In passive FTP, the client asks the server for a
Michele Nicosia <[EMAIL PROTECTED]> wrote:
>
> Anyone in this list using kernel 2.0.35/36 can do a ping to some site
> to internet, and for the linux masquerade server can do a netstat -M?
> What does it report???
Mine says:
netstat.c: feature `FW_MASQUERADE' not supported.
Please recompile
"Jose M. Sanchez" wrote:
>
> This is really several problems all balled into one...
>
> 1) You MUST recompiled the kernel and enable autofw. It is not on by
> default.
I have autofw, portfw, and mfw all built as modules, and ipmasqadm
works.
>
> 2) You must determine the ports the program use
Hey Everyone:
>> - All interfaces (any network cards, the localhost
>> interface, etc) on a Linux box have INPUT, OUTPUT,
>> and FORWARD rules.
>>
>So does that mean I have to write -I rules AND -O rules
>for BOTH NIC ???
You don't have to but you won't be securing the Linux box
very well wi
I have my MASQ box working with diald and a very basic rule set (thanks
David!) but thats not the end of the story.
As the MASQ box is also my mail and fax server, things have started to get
a little complex. To stop Sendmail from dialing out every time I send an
e-mail to the server, Sendmail is
Dear Charles,
> I had trouble with that, too, but I have used ipportfw to do this
> kind of redirection, like
> ipportfw -A -t outside-ip/80 -R inside-ip/80
first the syntax should be :
ipportfw -A -toutside-ip/80 -R inside-ip/80
assuming outside-ip is the Ip of your external Nic
Hi everybody,
First I thank
David <[EMAIL PROTECTED]> ,
Fuzzy <[EMAIL PROTECTED]> and
Lourdes <[EMAIL PROTECTED]>
for their explanations.
I'm sorry for some of you, but maybe I will be a bit boring.
In fact, in spite of all your explanations,
all the things related to the rules -F -I -O are stil
THEN I did a "ping www.linux.org" on my internal machine and got the
following
results:
Now it is important to say this: it works??? It si clear that the
net-tools doesn't show the packets status, but the client is working
well
Michele
--
> Incoming traffic routes correctly to each machine, outgoing net connections
> for FTP, WWW, etc. also work fine. However I cannot access http://www.xoom.com
> - the address resolves and starts to make a connection and then times out.
Can I add that web access to Xoom works fine when running the
I have a strange one here! I'm running straight ip forwarding with a Linux
box running as the gateway machine to a group of other machines each assigned
an IP address with my internet block.
Incoming traffic routes correctly to each machine, outgoing net connections
for FTP, WWW, etc. also work
Hi everyone.
As I am using the mentioned configuration (RedHat 5.2 with kernel 2.0.36) I
gave this a try and my results seem to backup what Michele is saying:
BEFORE pinging I typed in the following two commands and got the expected
response:
> ipfwadm -M -l
IP masquerading entries
prot expir
Again, someone having problems with FTP:
I'm a bit confused about what port mode and passive mode is. So here a
description of my problems:
Simple IP masquerading (e.g. HTTP) works fine. ip_masq_ftp module is
loaded.
FTP works fine if data is tranferred on a connection initiated by the
remote s
Anyone in this list using kernel 2.0.35/36 can do a ping to some site to
internet, and for the linux masquerade server can do a netstat -M ??? what
do it report??? if it come up with an error it si like me, if it report
nothing the icmp masquerading isn't working, if it come up with somthing
l
Hi,
Every now and again I see a bunch of outgoing ICMP messages being logged by
my ipfwadm rules because they 'appear' to come from my internal network.
Just like the following:
Feb 10 19:53:31 The-Tardis kernel: IP fw-out deny eth1 ICMP/3 192.168.0.2
208.195.144.25 L=56 S=0x00 I=62255 F=0x
"make modules" and "make modules_install", too.
Last weekend I upgraded to 2.2.1 and after making my kernel the first time
I found out I had to go set some more options for masquerading to work. So
I set all the options and re-compiled the kernel. Silly me, I forgot to
remake my modules and I k
Maybe this will help, somebody sent me this tip and it solved my problem.
Hi David,
As of last night I solved my Half-Life, Quake 2, and Sin error message
problems. Maybe this will help you.
It was a network driver problem. I found the solution on Activion's Quake
2 site, in thei
23 matches
Mail list logo