hi all,

6 weeks ago i installed an internet-gateway based on kernel 2.4.18 and iptables, using some addons from patch-o-matic and the 1.2.7 iptables binaries.

it is a pretty common environment:

    private-net 192.168.65.0/24
            |
    eth0 192.168.65.1/32
    Gateway
    dynamic-ip ppp0
            |
    internet

for all private-net generated sessions i use the "--state NEW -j ACCEPT" and for the returning packets the "--state ESTABLISHED,RELATED -j ACCEPT" and of course the MASQ thing in the nat table.

for logging i use the "-j LOG" before the clean-up rule in each chain.

4 days ago the users began to complain about unreachable websites and pop servers. so for the first 5 weeks things seemed to work just fine.

to me, it looks like established connections do not get back as usual. i checked the rule-set twice.

i include a few syslog messages here:

Apr 10 13:51:50 egal kernel: inet-gateIN=ppp0 OUT= MAC= SRC=213.165.64.20 DST=213.191.94.93 LEN=40 TOS=0x00 PREC=0x00 TTL=57 ID=61420 PROTO=TCP SPT=110 DPT=1074 WINDOW=0 RES=0x00 ACK RST URGP=0
Apr 10 13:58:38 egal kernel: inet-gateIN=ppp0 OUT= MAC= SRC=213.165.64.20 DST=213.191.94.93 LEN=40 TOS=0x00 PREC=0x00 TTL=57 ID=16273 PROTO=TCP SPT=110 DPT=1078 WINDOW=0 RES=0x00 ACK RST URGP=0
Apr 10 20:39:03 egal kernel: inet-gateIN=ppp0 OUT= MAC= SRC=213.165.64.20 DST=213.191.87.1 LEN=40 TOS=0x00 PREC=0x00 TTL=57 ID=65337 PROTO=TCP SPT=110 DPT=3615 WINDOW=0 RES=0x00 ACK RST URGP=0
Apr 10 23:34:35 egal kernel: inet-gateIN=ppp0 OUT= MAC= SRC=62.181.130.2 DST=213.191.92.208 LEN=40 TOS=0x00 PREC=0x00 TTL=102 ID=53576 PROTO=TCP SPT=110 DPT=1051 WINDOW=0 RES=0x00 ACK RST URGP=0
Apr 10 14:03:55 egal kernel: inet-gateIN=ppp0 OUT= MAC= SRC=213.191.74.53 DST=213.191.94.93 LEN=40 TOS=0x00 PREC=0x00 TTL=62 ID=54758 DF PROTO=TCP SPT=80 DPT=1191 WINDOW=31944 RES=0x00 ACK FIN URGP=0
Apr 10 14:04:00 egal kernel: inet-gateIN=ppp0 OUT= MAC= SRC=213.191.74.53 DST=213.191.94.93 LEN=40 TOS=0x00 PREC=0x00 TTL=62 ID=55237 DF PROTO=TCP SPT=80 DPT=1190 WINDOW=31944 RES=0x00 ACK FIN URGP=0
Apr 10 14:04:10 egal kernel: inet-gateIN=ppp0 OUT= MAC= SRC=213.191.74.53 DST=213.191.94.93 LEN=40 TOS=0x00 PREC=0x00 TTL=62 ID=56653 DF PROTO=TCP SPT=80 DPT=1198 WINDOW=31944 RES=0x00 ACK FIN URGP=0
Apr 10 14:04:36 egal kernel: inet-gateIN=ppp0 OUT= MAC= SRC=213.191.74.53 DST=213.191.94.93 LEN=40 TOS=0x00 PREC=0x00 TTL=62 ID=61393 DF PROTO=TCP SPT=80 DPT=1196 WINDOW=31944 RES=0x00 ACK FIN URGP=0

i noticed the threads about increasing some timeouts. but why did this behavior start 4 days ago and not over the whole operation period?

for example: the users cannot connect to www.hamburg.de. from hosts not connected to this private-net, they can.

the whole network-config looks fine to me.

any ideas?

thx, axel

PS: which information, included here, would you never give to a public mailing list? i am just interested. the dst ip-addresses are dynamic.
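
Added example, not part of the original post: a small Python parser for kernel LOG lines like the ones quoted above, counting logged packets by source address, source port and TCP flags so it is visible which kinds of segments reach the LOG rule. The function names are illustrative, and the sample input is four of the post's own log lines.

```python
import re
from collections import Counter

# Four of the log lines from the post above, copied verbatim.
SAMPLE = """\
Apr 10 13:51:50 egal kernel: inet-gateIN=ppp0 OUT= MAC= SRC=213.165.64.20 DST=213.191.94.93 LEN=40 TOS=0x00 PREC=0x00 TTL=57 ID=61420 PROTO=TCP SPT=110 DPT=1074 WINDOW=0 RES=0x00 ACK RST URGP=0
Apr 10 13:58:38 egal kernel: inet-gateIN=ppp0 OUT= MAC= SRC=213.165.64.20 DST=213.191.94.93 LEN=40 TOS=0x00 PREC=0x00 TTL=57 ID=16273 PROTO=TCP SPT=110 DPT=1078 WINDOW=0 RES=0x00 ACK RST URGP=0
Apr 10 23:34:35 egal kernel: inet-gateIN=ppp0 OUT= MAC= SRC=62.181.130.2 DST=213.191.92.208 LEN=40 TOS=0x00 PREC=0x00 TTL=102 ID=53576 PROTO=TCP SPT=110 DPT=1051 WINDOW=0 RES=0x00 ACK RST URGP=0
Apr 10 14:03:55 egal kernel: inet-gateIN=ppp0 OUT= MAC= SRC=213.191.74.53 DST=213.191.94.93 LEN=40 TOS=0x00 PREC=0x00 TTL=62 ID=54758 DF PROTO=TCP SPT=80 DPT=1191 WINDOW=31944 RES=0x00 ACK FIN URGP=0
"""

KV = re.compile(r"([A-Z]+)=(\S*)")            # also matches IN= glued to the log prefix
FLAGS = re.compile(r"RES=\S+ (.*?)\s*URGP=")  # TCP flag names sit between RES= and URGP=


def parse_line(line):
    """Return the fields of one netfilter LOG line, or None if it is not TCP."""
    fields = dict(KV.findall(line))
    m = FLAGS.search(line)
    if fields.get("PROTO") != "TCP" or m is None:
        return None
    fields["flags"] = tuple(m.group(1).split())
    return fields


def is_teardown(rec):
    """True for segments that close or abort a connection rather than open one."""
    flags = rec["flags"]
    return "SYN" not in flags and ("RST" in flags or "FIN" in flags)


def summarize(lines):
    """Count logged packets per (source address, source port, flags)."""
    counts = Counter()
    for rec in filter(None, map(parse_line, lines)):
        counts[(rec["SRC"], rec["SPT"], " ".join(rec["flags"]))] += 1
    return counts


if __name__ == "__main__":
    for (src, spt, flags), n in summarize(SAMPLE.splitlines()).most_common():
        print(f"{n:3d}  {src}:{spt}  {flags}")
```

On the sample, every logged packet is an ACK RST or ACK FIN segment coming from a server port (110 or 80), and none carries SYN.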
