[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ipchains

To: members@xxxxxxxxxxxxxxxxxx
Subject: Re: ipchains
From: Wesley Leonard <marshall@xxxxxxxxxxxx>
Date: Fri, 16 Jun 2000 00:02:04 -0400
Organization: PacDemon
References: <394813AA.5D798420@pacdemon.org><200006151132.e5FBWZU25446@localhost.localdomain>
Sender: marshall@xxxxxxxxx

Thanks for the advice...  My kernel is 2.2.5-15.  I'll upgrade to 2.2.16
ASAP.

(I changed MRU/MTU and it had no effect....)
-- 

Wesley Leonard
marshall@pacdemon.org

http://www.pacdemon.org
"...I want Linux to be on the cutting edge, and even a bit past the
edge, because what's past the edge today is what's on your desktop
tomorrow."
	--Linus Torvalds



Adam Tauno Williams wrote:
> 
> > Hey gang.  I'm having trouble getting to certain sites (most importantly
> > slashdot.org) through my gateway box.  It's running redhat 6.0.  I
> 
> So this is kernel version 2.2.5?  And your routing between ethernet and PPP?
> What is your MRU/MTU?   2.2.5 has issues masq-ing packets between large and
> small MTU subnets.  If setting your PPP MRU/MTU to 1500 fixes the problem you
> need a kernel update.  A box on the Internet should probably be moving to 2.2.16
> anyway, do to security exploits.
> 
> > Here's the script that runs at startup:
> > #!/bin/sh
> > echo 1 > /proc/sys/net/ipv4/ip_forward
> > ipchains -P forward DENY
> > ipchains -A forward -j MASQ -b -s 192.168.0.0/16 -d 0.0.0.0/0
> > ipchains -A forward -j MASQ -b -s 192.168.1.0/16 -d 0.0.0.0/0
> > modprobe ip_masq_ftp
> >
> > Is anything missing or just plain wrong???
> 
> This looks good.
> 
> Systems and Network Administrator
> Morrison Industries
> 1825 Monroe Ave NW.
> Grand Rapids, MI. 49505

References:
- ipchains
  - From: Wesley Leonard
- Re: ipchains
  - From: Adam Tauno Williams

Prev by Date: Re: Family Tree Program for Linux
Next by Date: Finally!
Prev by thread: Re: ipchains
Next by thread: Serial port/modem/ppp problem...
Index(es):
- Date
- Thread