On Tue, May 18, 1999 at 03:11:19PM +0200, Ste wrote:
> Hi,
>
> my firewall runs diald 0.16.5 on rh 5.2; clients run dialmon.
> Sometimes diald dials again after a client disconnects and shuts down
> the browser (Netscape 4.5).

I think you can configure Netscape not to do this, but I
can't remember how.

> I clocked debug to 1 and logged the traffic: it seems that the local IP
> address, as provided from my ISP last time the firewall connected,
> continues to send packets towards the last IP address the client visited
> before shutting down.
> Packets start from ports like 61028 or 61030 and are received on port
> 80.
>
> What's happening?

You have a new IP address, but the old sockets keep the old address
so the system can't close them down, because each time it sends out
a packet that packet has the old address, and each time the remote
end answers you don't get the answer packet.

RST-provoking is a hack to get around this. If you have a 2.0 kernel
newer than 2.0.35 and some versions of 2.0.34 you can switch it on
with

    echo 5 > /proc/sys/net/ipv4/ip_dynaddr

e.g. in /etc/rc.d/rc.local

You can find doc in /usr/src/linux/Documentation/networking/ip_dynaddr.txt
There is also a patch for 2.1/2.2.

--
Erik Corry [EMAIL PROTECTED] Ceterum censeo, Microsoftem esse delendam!