Hello,
On Wednesday 22 May 2002 14:27, Ben Reser wrote:
[...]
it is now possible to fake the source IP dynamically
(using the dest of the original packet as the fake
source IP), as per explained in this thread :
http://lists.samba.org/pipermail/netfilter/2002-February/020237.html
On Wed, May 22, 2002 at 03:36:51PM +0800, Fabrice MARIE wrote:
Well, say your firewall is 202.58.4.3,
your webservers are 202.58.4.7-20 and all traffic from outside to your webservers
is filtered by your firewall.
Now you can tell your firewall :
if packet src != trusted and
On Wednesday 22 May 2002 14:47, Ben Reser wrote:
On Wed, May 22, 2002 at 03:36:51PM +0800, Fabrice MARIE wrote:
Well, say your firewall is 202.58.4.3,
your webservers are 202.58.4.7-20 and all traffic from outside to your
webservers is filtered by your firewall.
Now you can tell your
Hi,
It seems I hit the same problem when trying to setup an IPSec tunnel between
two routers (running Linux 2.4.18+newnat). FTP data transfer is broken. Control
connection is ok.
After some investigations it seems NAT doesn't recognize IPSec packets being
part of the FTP connection and so they
It seems I hit the same problem when trying to setup an IPSec tunnel between
two routers (running Linux 2.4.18+newnat). FTP data transfer is broken. Control
connection is ok.
After some investigations it seems NAT doesn't recognize IPSec packets being
part of the FTP connection and so they
Can you please explain roughly what such a helper would do? Assume that
I know how traffic enters and leaves a Linux router, how unencrypted
traffic enters and leaves the router, and what the IP stack and iptables
does to the traffic as it passes. I don't know how that ipsec fits into
the
Note : this has already been posted to [EMAIL PROTECTED]
without any answer. Hope you'll help me with this...
Hi,
First I would like to thanks the netfilter core team for their work
since I'm using this project since 2.3.xx and I'm really happy with this.
However, this is the very first time
Felix,
we have a ftp connection which passes through two routers which have a
IPSEC tunnel in between. Both routers have nat and conntrack modules
compiled into the kernel but there are no rules at all.
You mean there are also no filter rules? Good. That excludes much.
[a simple ftp
On Wed, May 22, 2002 at 02:56:28PM +0800, Fabrice MARIE wrote:
Hello,
Here's a patch from Guilaumme Morin that updates
thanks, patch applied.
Fabrice MARIE
--
Live long and prosper
- Harald Welte / [EMAIL PROTECTED] http://www.gnumonks.org/
Hello again.
The problem is still the same, I was told to really make sure that I
made a clean installation, which I did.
I also (no one told me to) tried to compile everything as modules, no
success. (:
Made the kernel as minimalistic as possible, no success.
I heard from a couple of
forgot to cc netfilter-devel :(
-Forwarded Message-
From: Martin Josefsson [EMAIL PROTECTED]
To: Felix Farkas [EMAIL PROTECTED]
Subject: Re: IPSec ALG
Date: 22 May 2002 15:55:10 +0200
On Wed, 2002-05-22 at 15:40, Felix Farkas wrote:
The problem is that the first data packet coming
Patrick Schaaf wrote:
Could you possibly try newnat without ipsec, e.g. with a crossover cable
between the routers?
We were just willing to see if someone else encountered this problem and
knows more about it.
For what it is worth, I run the following setup just fine
client network -
Hi there,
I found it useful to have a -W (weed-delete-chain) option in iptables.c.
It basically does the same as iptables -F chain and iptables -X
chain but in one step.
Patch is attached in -burN format.
The only bug I could find is that when you call iptables -W it rants
at you with a wrong
I've had two OOPSes now that look like this while using the PPTP NAT patch:
Oops:
CPU:0
EIP:0010:[c01d3519]Not tainted
EFLAGS: 00010282
eax: ebx: c63086a0 ecx: cf6b785c edx: cf6b7848
esi: cf6b7840 edi: 0001 ebp: c021fea0 esp: c021fe30
ds: 0018 es: 0018
14 matches
Mail list logo