linux-2.2.14, glibc-2.1.2, rh61, diald-0.99.4
The linux box does masquerading for the lan, and runs diald.
I use "demasq" so that diald tells dialmon (win9x monitor client) the
right ip-address for the queue log.
I have 2 problems:
1) Sometime the addresses are not de-masqueraded, this is random.
They appear in dialmon as my.isp.assigned.ip/63xxx (masq port range)
instead of 10.0.0.x/xxxx.
This is a minor problem.
2) It seems that the ip address are demasqueraded for the queue log
purpose, but not for firewall rules check purpose:
- I use
ignore any ip.saddr=10.0.0.10
The machine with ip 10.0.0.10 is not able to bring the link up, and
diald logs that it's ignoring packets coming from 10.0.0.10; but when
the link is up:
a) in the queue log for dialmon it apperas with the demasqueraded ip
address, 10.0.0.10/1478 (not masq range port)
b) echo queue > /path/diald.ctl -> it appears as
my.isp.assigned.ip/63xxx (masq port range), so that it can make the link
stays up.
Packets from 10.0.0.10 are not ignored (the ignore line is the 1st line
in the firewall rules) as long as the link is up.
I'm not a C programmer, but I see that in firewall.c demasquerade() is
called in desc_connection(), but not in check_firewall()
Anyone having the same problem?
Thanks.
--
[EMAIL PROTECTED]
-
To unsubscribe from this list: send the line "unsubscribe linux-diald" in
the body of a message to [EMAIL PROTECTED]
