On Mon, 19 Aug 2002, Jeff wrote:
> I am having a problem on eigerstein and ipchains concerning port
> forwarding tables.
> There is an amateur radio app called echolink that is basically Speak
> Freely VOiP. It uses udp ports 5198 & 5199 for audio and control. On my
> leaf I normally have those ports portfw'ed to my 192.168.2.235 Windows
> laptop, echolink only runs on Windows. I am porting the app to Linux on
> my 192.168.2.205 machine. Ok, I want to test it. I ipmasqadm portfw -f
> to clear the rules forwarding udp 5198/99 to .235 and re-enter the rules
> to port forward the ports to .205.
>
> Now this is the strange part. If I haven't had much traffic with another
> external IP address on those ports when forwarding was to .235,
> everything is fine, 5198/99 packets now go to .205. However, if I had
> already received a number of packets from another host, the udp 5198/99
> packets from that host host STILL go to the .235 Windows machine. Doing
> a ipmasqadm portfw -l shows no rules to forward ANYTHING to .235. But,
> they still go to .235 and 5198/98 packets from other hosts go to .205!
> !!
>
> I have to restart the LEAF box to get ALL 5198/99 packets to go to the
> .205 machine.
>
> Am I missing something about how to completely clear the rules tables?
I don't think so. What you seem to be missing is the difference between
forwarding rules and masquerading connections. I don't know of a way to
clear out the masquerading connections with ipchains, but you can change
the timeout values with
ipchains -M -S <tcp> <tcpfin> <udp>
Another puzzle is how to query what the actual timeout values
_are_... I only know how to change the values.
---------------------------------------------------------------------------
Jeff Newmiller The ..... ..... Go Live...
DCN:<[EMAIL PROTECTED]> Basics: ##.#. ##.#. Live Go...
Live: OO#.. Dead: OO#.. Playing
Research Engineer (Solar/Batteries O.O#. #.O#. with
/Software/Embedded Controllers) .OO#. .OO#. rocks...2k
---------------------------------------------------------------------------
-------------------------------------------------------
This sf.net email is sponsored by: OSDN - Tired of that same old
cell phone? Get a new here for FREE!
https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
