Hi, folks.

I have just finished building a RH7.3 box that is going to host a
couple of MUSHes.  For historical reasons that I won't bother going
into, the published address of one of them is port 670.  On the hosting
machine that I'm replacing, this required that that MUSH be run as root
in order to service the low port.

On this new box, I plan on running the MUSH on port 6700 so I can run
it as non-root, and redirecting incoming traffic on 670 to 6700 so we
don't need to change all the external references and inconvenience all
the users.  I have set up an ipchains command to redirect 670 to 6700,
and can connect and talk to the MUSH just fine by pointing my client to
670.

So much for the background.  The problem I'm experiencing is that
redirected connections are unceremoniously disconnected if they're idle
for more than about four minutes.  If I set up my client to send
something (anything) every 240 seconds, then all is sweetness and
light, but if I let it go idle for more than that, I get disconnected.

If I connect directly to the MUSH on port 6700, I can leave the
connection idle all day and not get dropped, so it appears that this
behaviour is unique to redirected connections.

Can anyone suggest what is causing this four-minute timeout, and more
importantly, how I extend or disable it?

My ipchains rules are as follows:
[root@strathfayr game]# ipchains -L
Chain input (policy REJECT):
target     prot opt     source                destination           ports
ACCEPT     udp  ------  192.168.0.3          anywhere              domain ->   1025:65535
icmp       icmp ------  anywhere             anywhere              any ->   any
ACCEPT     tcp  !y----  anywhere             anywhere              any ->   any
ACCEPT     udp  ------  anywhere             anywhere              any ->   any
ACCEPT     tcp  ------  anywhere             anywhere              any ->   ssh
ACCEPT     tcp  ------  192.168.0.0/24       anywhere              any ->   telnet
ACCEPT     udp  ------  anywhere             anywhere              bootps:bootpc ->   bootps:bootpc
ACCEPT     udp  ------  anywhere             anywhere              bootps:bootpc ->   bootps:bootpc
ACCEPT     udp  ------  anywhere             anywhere              any ->   ntp
ACCEPT     udp  ------  anywhere             anywhere              ntp ->   any
ACCEPT     tcp  ------  anywhere             anywhere              any ->   3052
ACCEPT     tcp  ------  anywhere             anywhere              3052 ->   any
ACCEPT     udp  ------  anywhere             anywhere              any ->   3052
ACCEPT     udp  ------  anywhere             anywhere              3052 ->   any
ACCEPT     tcp  ------  anywhere             anywhere              any ->   6250
ACCEPT     tcp  ------  anywhere             anywhere              any ->   6700
REDIRECT   tcp  ------  anywhere             anywhere              any ->   670 => 6700
Chain forward (policy REJECT):
Chain output (policy ACCEPT):
target     prot opt     source                destination           ports
ACCEPT     tcp  ------  anywhere             anywhere              any ->   any
ACCEPT     udp  ------  anywhere             anywhere              any ->   any
ACCEPT     tcp  ------  anywhere             anywhere              any ->   ssh
ACCEPT     tcp  ------  192.168.0.0/24       anywhere              any ->   telnet
ACCEPT     udp  ------  anywhere             anywhere              bootps:bootpc ->   bootps:bootpc
ACCEPT     udp  ------  anywhere             anywhere              bootps:bootpc ->   bootps:bootpc
ACCEPT     udp  ------  anywhere             anywhere              any ->   ntp
ACCEPT     udp  ------  anywhere             anywhere              ntp ->   any
ACCEPT     tcp  ------  anywhere             anywhere              any ->   3052
ACCEPT     tcp  ------  anywhere             anywhere              3052 ->   any
ACCEPT     udp  ------  anywhere             anywhere              any ->   3052
ACCEPT     udp  ------  anywhere             anywhere              3052 ->   any
ACCEPT     tcp  ------  anywhere             anywhere              any ->   6250
ACCEPT     tcp  ------  anywhere             anywhere              any ->   6700
Chain icmp (1 references):
target     prot opt     source                destination           ports
ACCEPT     all  ------  anywhere             anywhere              n/a
[root@strathfayr game]#


Thanks in advance,
  Jon Etkins
  Austin, TX



