Sorry if this got sent out twice; I have had some trouble
with my e-mail software.
I am having a problem with diald and ipchains. I am using
Slackware 7 and diald 0.99.something. Linux and diald
are running on one computer, and Windows on another that
is connected to the Linux computer over a peer-to-peer
ethernet connection. When I connect to the Internet through
my ISP, my IP address is assigned dynamically. I use a
modem to connect.
Most of the time this setup works flawlessly: whenever I start
up an Internet application on the Windows box, diald fires
up a connection to my ISP, calls ip-up, which has my
ipchains rules (from TrinityOS with almost no modifications,
if that information helps), and everything works great.
Every once in a while, however, when the ipchains rules
get implemented, Linux starts rejecting all packets on
every interface -- including the ethernet interface (eth0).
I have to wait for diald to drop the connection after a
minute or so before I can try again (my ip-down script
flushes all the rules and sets all policies to ACCEPT).
Usually the connection works again the next time I try.
Sometimes, however, this problem occurs on two or three
successive attempts, which makes me think that it is
relatively random. On average, it happens about every
eight or ten times I try to get a connection going.
I get the impression that there is some sort of timing
problem, but I don't know what it could be. The ipchains
rules are set up to allow all traffic across the ethernet
connection and all traffic over the ppp0 interface that
I initiate.
If it would help, I would be happy to send out a copy
of my ipchains rules, but I would rather not waste the
bandwidth if someone has run across this problem and
can clue me in on what might be going on.
Note that in my ip-up script, before the firewall gets
run, I enable "dynamic TCP/IP hacking", e.g., the
script does a "echo "1" > /proc/sys/net/ipv4/ip_dynaddr",
which I think is crucial to making it all work in the
first place. This is done before any of the rules are
implemented.
TIA.
Regards,
Chris Jenkins
-
To unsubscribe from this list: send the line "unsubscribe linux-diald" in
the body of a message to [EMAIL PROTECTED]
