I am using IP masquerading, and diald incorrectly detects an idle link when in fact there is traffic to or from one of the machines being masqueraded for. When the traffic is to or from my gateway machine diald holds the link open for as long as necessary. I am using diald 0.16.5, with diald.defs and standard.filter almost unaltered from the distribution versions, and a 2.0.36 kernel. I have been dumping diald's debug info to /var/log/messages (SIGUSR2), and an example of an incorrect hangup is given here (with <description> substituted for actual addresses). In it I am ftp-ing to go.cygnus.com from a machine on my LAN. Apr 25 14:56:15 tacul diald[93]: User requested dump of firewall queue. Apr 25 14:56:15 tacul diald[93]: -------------------------------------- Apr 25 14:56:15 tacul diald[93]: up = 1, forcing = 0, impulse = 1, iitime = 0, itime = 0, ifuzz = 0, itimeout = -3494, timeout = 82924, next alarm = 3 Apr 25 14:56:15 tacul diald[93]: ttl 3, 6 - <remote-addr>/21 => <my-dynamic-addr>/61107 (tcp state ([ceee4c1d,0] 0,0)) Apr 25 14:56:15 tacul diald[93]: ttl 58, 1 - <unknown-different-addr>/257 => <my-dynamic-addr>/257 (tcp state ([0,0] 0,0)) Apr 25 14:56:15 tacul diald[93]: ttl 3, 6 - <remote-addr>/20 => <my-dynamic-addr>/61110 (tcp state ([0,0] 0,0)) Apr 25 14:56:15 tacul diald[93]: -------------------------------------- Apr 25 14:57:11 tacul diald[93]: User requested dump of firewall queue. Apr 25 14:57:11 tacul diald[93]: -------------------------------------- Apr 25 14:57:11 tacul diald[93]: up = 1, forcing = 0, impulse = 1, iitime = 0, itime = 0, ifuzz = 0, itimeout = -3551, timeout = 82868, next alarm = 1 Apr 25 14:57:11 tacul diald[93]: ttl 1, 1 - <unknown-different-addr>/257 => <my-dynamic-addr>/257 (tcp state ([0,0] 0,0)) Apr 25 14:57:11 tacul diald[93]: -------------------------------------- Apr 25 14:57:12 tacul diald[93]: Closing down idle link. Apr 25 14:58:13 tacul pppd[222]: Hangup (SIGHUP) Apr 25 14:58:13 tacul pppd[222]: Modem hangup Apr 25 14:58:13 tacul pppd[222]: Connection terminated. Apr 25 14:58:13 tacul pppd[222]: Exit. Apr 25 14:58:14 tacul diald[93]: Delaying 120 seconds before clear to dial. Apr 25 14:58:42 tacul diald[93]: User requested dump of firewall queue. Apr 25 14:58:42 tacul diald[93]: -------------------------------------- Apr 25 14:58:42 tacul diald[93]: up = 0, forcing = 0, impulse = 1, iitime = 0, itime = 0, ifuzz = 0, itimeout = -3641, timeout = 82777, next alarm = 0 Apr 25 14:58:42 tacul diald[93]: -------------------------------------- I was still in the middle of my ftp session at 14:57:11, despite the fact that no more activity on ports 20 and 21 is visible in that debug dump. Furthermore, my /etc/diald/standard.filter contains: accept tcp 120 tcp.dest=tcp.ftp accept tcp 120 tcp.source=tcp.ftp accept tcp 120 tcp.dest=tcp.ftp-data accept tcp 120 tcp.source=tcp.ftp-data and yet only 57 seconds before the message "Closing down idle link" there is activity on both ports 20 and 21. I don't understand the presence of the apparently totally unrelated address (different network, and gethostbyaddr(3) gives unrelated name) connecting on port 257 (unassigned port according to RFC 1700), but hopefully this is another matter. Does anybody know what is going wrong? Alex Thorp - To unsubscribe from this list: send the line "unsubscribe linux-diald" in the body of a message to [EMAIL PROTECTED]
