Hi all, I've got a very standard masquerading firewall between my internal network and the outside, done with smoothwall/iptables on Debian Woody. Works beautifully, and has for a while.
The problem is I've got one app (asterisk) on an internal server that is connecting via UDP to a particular host, and the connection is failing. Same app connects fine to other hosts, and network connectivity to the host looks fine - I can ping, I can netcat to the udp port, etc. Debugging this, it looks like the outward connection is not getting masqueraded properly - on the external interface on the firewall a tcpdump shows:

04:35:18.203836 10.10.10.1.4569 > 202.125.42.141.4569: udp 12 (DF) [tos 0x10]
04:35:18.706606 10.10.10.1.4569 > 202.125.42.141.4569: udp 12 (DF) [tos 0x10]
04:35:18.707008 10.10.10.1.4569 > 202.125.42.141.4569: udp 26 (DF) [tos 0x10]
04:35:19.344564 203.213.47.14.4569 > 216.118.117.46.4569: udp 12 (DF) [tos 0x10]
04:35:19.586808 216.118.117.46.4569 > 203.213.47.14.4569: udp 12 (DF) [tos 0x10]
04:35:19.587876 203.213.47.14.4569 > 216.118.117.46.4569: udp 12 (DF) [tos 0x10]

The first three lines are bad, where the 10.10.10.1 is my internal address that isn't masqueraded. The next three lines are good to a different host (216.118.117.46), where 203.213.47.14 is my masqueraded address.

A 'nc -u 202.125.42.141 4569' from that same server, though, works fine, and masquerades correctly:

04:41:59.179729 203.213.47.14.32846 > 202.125.42.141.4569: udp 1 (DF) [tos 0x10]
04:41:59.332267 203.213.47.14.32846 > 202.125.42.141.4569: udp 1 (DF) [tos 0x10]
04:41:59.509531 203.213.47.14.32846 > 202.125.42.141.4569: udp 1 (DF) [tos 0x10]

Been batting my head against this for hours now - anyone seen anything like this or have any pointers on what to try next?

Cheers,
Gavin

--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
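As an added illustration (not from Gavin's post, smoothwall or iptables), a small Python checker that applies the same test Gavin did by eye: it parses old-style tcpdump lines captured on the external interface and flags any flow that leaves with an RFC1918 source address, i.e. one the MASQUERADE rule did not rewrite. The line format and the sample lines are taken from the post; the function and field names are my own.

```python
import ipaddress
import re
from collections import OrderedDict

# Old-style tcpdump line: "HH:MM:SS.usec SRC.sport > DST.dport: udp LEN ..."
LINE_RE = re.compile(
    r"^(?P<ts>\d{2}:\d{2}:\d{2}\.\d+)\s+"
    r"(?P<src>\d{1,3}(?:\.\d{1,3}){3})\.(?P<sport>\d+)\s+>\s+"
    r"(?P<dst>\d{1,3}(?:\.\d{1,3}){3})\.(?P<dport>\d+):\s+(?P<proto>\w+)\s+(?P<len>\d+)"
)

def parse_line(line):
    """Return a dict for one tcpdump line, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    pkt = m.groupdict()
    for k in ("sport", "dport", "len"):
        pkt[k] = int(pkt[k])
    return pkt

def summarize_flows(lines):
    """Group packets by (src, sport, dst, dport) and flag private sources.

    The capture is assumed to come from the external interface, so a packet
    whose source is an RFC1918 address left the firewall unmasqueraded.
    """
    flows = OrderedDict()
    for line in lines:
        pkt = parse_line(line)
        if pkt is None:
            continue
        key = (pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"])
        f = flows.setdefault(key, {"proto": pkt["proto"], "packets": 0,
                                   "bytes": 0, "leaked": False})
        f["packets"] += 1
        f["bytes"] += pkt["len"]
        f["leaked"] = ipaddress.ip_address(pkt["src"]).is_private
    return flows

def find_nat_leaks(lines):
    """Return the flow keys that escaped with a private source address."""
    return [key for key, f in summarize_flows(lines).items() if f["leaked"]]

# Sample input: the lines from the post, as tcpdump printed them.
SAMPLE_LINES = [
    "04:35:18.203836 10.10.10.1.4569 > 202.125.42.141.4569: udp 12 (DF) [tos 0x10]",
    "04:35:18.706606 10.10.10.1.4569 > 202.125.42.141.4569: udp 12 (DF) [tos 0x10]",
    "04:35:18.707008 10.10.10.1.4569 > 202.125.42.141.4569: udp 26 (DF) [tos 0x10]",
    "04:35:19.344564 203.213.47.14.4569 > 216.118.117.46.4569: udp 12 (DF) [tos 0x10]",
    "04:35:19.586808 216.118.117.46.4569 > 203.213.47.14.4569: udp 12 (DF) [tos 0x10]",
    "04:35:19.587876 203.213.47.14.4569 > 216.118.117.46.4569: udp 12 (DF) [tos 0x10]",
    "04:41:59.179729 203.213.47.14.32846 > 202.125.42.141.4569: udp 1 (DF) [tos 0x10]",
    "04:41:59.332267 203.213.47.14.32846 > 202.125.42.141.4569: udp 1 (DF) [tos 0x10]",
    "04:41:59.509531 203.213.47.14.32846 > 202.125.42.141.4569: udp 1 (DF) [tos 0x10]",
]

if __name__ == "__main__":
    for key, f in summarize_flows(SAMPLE_LINES).items():
        status = "NOT MASQUERADED" if f["leaked"] else "ok"
        print("%s:%d -> %s:%d  %d pkts  %s" % (key + (f["packets"], status)))
```

One caveat worth keeping in mind when reading such output: iptables decides the NAT mapping on the first packet of a connection and caches it in the conntrack table, so a flow that started before the MASQUERADE rule was loaded keeps its unmapped entry until that entry times out.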
