
Re: ipchains



> Hey gang.  I'm having trouble getting to certain sites (most importantly
> slashdot.org) through my gateway box.  It's running redhat 6.0.  I

So this is kernel version 2.2.5?  And you're routing between ethernet and PPP?
What is your MRU/MTU?   2.2.5 has issues masq-ing packets between large and
small MTU subnets.  If setting your PPP MRU/MTU to 1500 fixes the problem you
need a kernel update.  A box on the Internet should probably be moving to 2.2.16
anyway, due to security exploits.

> Here's the script that runs at startup:
> #!/bin/sh
> echo 1 > /proc/sys/net/ipv4/ip_forward
> ipchains -P forward DENY
> ipchains -A forward -j MASQ -b -s 192.168.0.0/16 -d 0.0.0.0/0
> ipchains -A forward -j MASQ -b -s 192.168.1.0/16 -d 0.0.0.0/0
> modprobe ip_masq_ftp
>
> Is anything missing or just plain wrong???

This looks good.

Systems and Network Administrator
Morrison Industries
1825 Monroe Ave NW.
Grand Rapids, MI. 49505
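
The two checks suggested in the reply above, written out as an added shell example that is not part of the original message. The function names, the output keywords and the sample kernel string and MTU values are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original message. Inputs are supplied by the
# caller; the values in the sample call at the bottom are constructed.

# version_lt A B: succeeds when dotted numeric version A sorts before B.
# A vendor suffix such as "-15" is ignored.
version_lt() {
    a=${1%%-*}; b=${2%%-*}
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        [ "${x:-0}" -lt "${y:-0}" ] && return 0
        [ "${x:-0}" -gt "${y:-0}" ] && return 1
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    done
    return 1
}

# triage KERNEL LAN_MTU PPP_MTU: prints one line per finding, or OK.
triage() {
    kver=$1; lan_mtu=$2; ppp_mtu=$3; findings=0
    # The reply names 2.2.5 specifically for the masquerading/MTU problem.
    if [ "${kver%%-*}" = "2.2.5" ] && [ "$lan_mtu" -ne "$ppp_mtu" ]; then
        echo "MTU_MISMATCH lan=$lan_mtu ppp=$ppp_mtu: retest with PPP MRU/MTU 1500"
        findings=$((findings + 1))
    fi
    # The reply recommends 2.2.16 for a box on the Internet.
    if version_lt "$kver" 2.2.16; then
        echo "OLD_KERNEL $kver is older than 2.2.16: update"
        findings=$((findings + 1))
    fi
    [ "$findings" -eq 0 ] && echo "OK"
    return 0
}

# Constructed sample: a 2.2.5 kernel string, ethernet MTU 1500, PPP MTU 576.
triage 2.2.5-15 1500 576
```

On a live gateway the first argument would come from `uname -r` and the MTU values from the interface configuration.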