Re: IP Masquerading problems with 2.2.x

Admin Wed, 1 Sep 1999 13:31:43 -0700
On Tue, 31 Aug 1999 18:47:15 -0300, Juanjo Ciarlante wrote:

>could you send me  the result of
>       # ifconfig ippp0;cat /proc/net/ip_masq/udp
>  1) before disconnect
>  2) after new connect, forcing a DNS query from inside
>  

this pointed me to some experimenting, in which I found that all the tables in 
/proc/net/ip_masq/* won't get cleared by a down/up cycle of the masq_device...
changing kernel to that would solve this riddle... I think this appeared only here 
'cause people who sit behind masq_gates don't do UDP so often, or if so, they use 
appropriate ip_masq_* modules or 
ipmasqadm with it... and with tcp, it won't matter cause tcp is connection-oriented...

anyway, here some log:
1. before connect:
ippp0     Link encap:Point-to-Point Protocol  
          inet addr:1.0.0.1  P-t-P:1.0.0.2  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
          RX packets:965504 errors:0 dropped:0 overruns:0 frame:0
          TX packets:994729 errors:1 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:10 

Prot SrcIP    SPrt DstIP    DPrt MAddr    MPrt State        Flgs Ref Ctl Expires 
(free=40960,40960,40960)                      

2. after first query:
ippp0     Link encap:Point-to-Point Protocol  
          inet addr:149.225.20.177  P-t-P:193.103.157.5  Mask:255.255.0.0
          UP POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
          RX packets:965514 errors:0 dropped:0 overruns:0 frame:0
          TX packets:994740 errors:1 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:10 

Prot SrcIP    SPrt DstIP    DPrt MAddr    MPrt State        Flgs Ref Ctl Expires 
(free=40959,40960,40960)                      
UDP  C0A8EE02:0035 C04C9042:0035 95E114B1:FC81 UDP          110    2   0     289       
                                        

3. after hangup:
ippp0     Link encap:Point-to-Point Protocol  
          inet addr:1.0.0.1  P-t-P:1.0.0.2  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
          RX packets:965515 errors:0 dropped:0 overruns:0 frame:0
          TX packets:994741 errors:1 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:10 

Prot SrcIP    SPrt DstIP    DPrt MAddr    MPrt State        Flgs Ref Ctl Expires 
(free=40959,40960,40960)                      
UDP  C0A8EE02:0035 C04C900E:0035 95E114B1:FC81 UDP          110    2   0     292       
                                        
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

4. after another query:
ippp0     Link encap:Point-to-Point Protocol  
          inet addr:149.225.20.184  P-t-P:193.103.157.5  Mask:255.255.0.0
          UP POINTOPOINT RUNNING NOARP  MTU:1500  Metric:1
          RX packets:965524 errors:0 dropped:0 overruns:0 frame:0
          TX packets:994753 errors:1 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:10 

Prot SrcIP    SPrt DstIP    DPrt MAddr    MPrt State        Flgs Ref Ctl Expires 
(free=40959,40960,40960)                      
UDP  C0A8EE02:0035 C04C9042:0035 95E114B1:FC81 UDP          110    2   0     284       
                                        

So I think it would be great to either add an option for flushing masquerading tables 
in ipchains or doing it on an down/up cycle in the kernel... If you could give me 
directions, I could do it myself...
or would erasing the masquerading rules and setting them anew by /etc/ppp/ip-down do 
the trick?


bye
        Mathias


-- 
eregion.de -- administrative account


-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
Re: IP Masquerading problems with 2.2.x

Reply via email to
