[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Sometimes this hurts!

To: KLUG <members@xxxxxxxxxxxxxxxxxx>
Subject: Sometimes this hurts!
From: Richard Zimmerman <ke4rit@xxxxxxxxxxxxx>
Date: Wed, 4 Oct 2000 23:44:00 -0500
Organization: K&B Transport, Inc.
Reply-To: ke4rit@xxxxxxxxxxxxx

   Hello all.... I've got a good question...

   I'm having trouble in my Windows98 computer connecting to two websites on
the Internet going through my firewall. The sites are www.cart.com &
www.netconnect.eds.com. One is personal and one work related. BOTH suffer the
same problem. They do the DNS lookups fine, connect, say they are transferring
data but come to a complete halt!

   If I use Netscape or even Lynx ON the Linux box, both sites work just fine. I
tell the Win98 computer to dial out and get the site via dialup they work fine.
The problem only occurs through the Firewall. The only thing I see is that I can
not ping either site. I'm assuming that they have ping disabled because I can
ping just fine anywhere else both by ip & name through the firewall. Telneting
& ftp from the Win98 box also works fine.

   I have completely picked apart the Linux IP Masquerade HOWTO documentation from 
http://ipmasq.cjb.net/ and while this has help tremendously in solving various
"quirks" and has really improved my system security it has not help to solve
my problem with these two websites. I did all of the testing procedures they
recommended and everything is working fine. (Time to do a backup!) 

  I'm at a loss... I've been beating on this for two weeks now and while I
learned quite a bit about ipchains (and like it) I'm no closer to solving the
problem. 

  I have been using Bruces' recommendations for my ipchains setup with an added
recommendation from the MASQ faq:

echo "1" > /proc/sys/net/ipv4/ip_dynaddr
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/ip_always_defrag  

ipchains -P forward DENY
ipchains -A forward -i ppp0 -j MASQ -s 192.168.1.0/24 -d 0.0.0.0/0
ipchains -M -S 7200 10 160  

   I have run tcpdump -i ppp0 to watch the packets move around but have not
really decifered any useful information from there as yet. 

  Any ideas are greatly appreciated....

  Richard

-------------------------------------------------------------------
Richard Zimmerman                              ke4rit@earthlink.net
K&B Transport, Inc.                            ke4rit@gate.net
Elkhart, Indiana

Follow-Ups:
- Re: Sometimes this hurts!
  - From: Bruce Smith
- Re: Sometimes this hurts!
  - From: Adam Williams

Prev by Date: Need some MORE Linux stuff?
Next by Date: Re: Sometimes this hurts!
Prev by thread: Need some MORE Linux stuff?
Next by thread: Re: Sometimes this hurts!
Index(es):
- Date
- Thread