Hi Sluggers, This is a weird one. Any thoughts/speculation appreciated. A client is using a Slackware 7.1 machine as a firewall and IP-Masq connection for their internal network. Its clean and simple, using an identical build as a dozen others which are running properly. UDP and ICMP are masquerading happily TCP is being weird. >From the servers and a few workstations it works properly. >From other workstations the IP address in the TCP header is being re-written, or mangled, to a particular IP and port. ie, telnet anywhere results in a packet going through the firewall to a very specific IP and port, every time. There is no routing or routers on the internal network. There are 2 hubs (2803's) and 1 switch (3com). For a while I thought anything connected to the switch was working while the hubs were mangling, but I have since proved this false - at least one workstation connected directly to the switch has the same problem, although most don't. The switch is a 3com, couple years old by looks. I didn't note the model number ;( My current guess is that the switch has been configured to redirect any TCP connection from most of its switched ports to this particular IP/port... does anyone know if this can be done with 3com? Are they capable of playing layer 4 games like this? Any other guesses? There doesn't appear to be any other devices involved... unless something is hiding in the roof, which is possible. Tomorrow I'll be taking my Slackware notebook and getting some real details from various points on the network. Thanks! Cheers, Marty -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://slug.org.au/lists/listinfo/slug
