On Tue, 18 May 1999 15:11:19 +0200, you wrote:
>my firewall runs diald 0.16.5 on rh 5.2; clients run dialmon.
>Sometimes diald dials again after a client disconnects and shuts down
>the browser (Netscape 4.5).
Probably they are ACK or RST packets; you can see that from the log.
If this is the case, you can block reconnecting by inserting rules such as:
keepup tcp 180 tcp.ack,tcp.source=tcp.www
keepup tcp 180 tcp.ack,tcp.dest=tcp.www
keepup tcp 90 tcp.ack,tcp.source=tcp.ftp-data
keepup tcp 90 tcp.ack,tcp.dest=tcp.ftp-data
keepup tcp 90 tcp.ack,tcp.source=tcp.ftp
keepup tcp 90 tcp.ack,tcp.dest=tcp.ftp
keepup tcp 20 tcp.ack
ignore tcp tcp.ack
Before the accepting rules.
So ACK packets will keep the link up, but not bring it up.
The reason is that when you shut down a client that had not completely closed
the connection, it tries to do it at that moment by sending some packets over
the network.
--
Giulio
[EMAIL PROTECTED]