[leaf-user] Completely clearing portfw rules
I am having a problem on eigerstein and ipchains concerning port forwarding tables. There is an amateur radio app called echolink that is basically Speak Freely VOiP. It uses udp ports 5198 5199 for audio and control. On my leaf I normally have those ports portfw'ed to my 192.168.2.235 Windows laptop, echolink only runs on Windows. I am porting the app to Linux on my 192.168.2.205 machine. Ok, I want to test it. I ipmasqadm portfw -f to clear the rules forwarding udp 5198/99 to .235 and re-enter the rules to port forward the ports to .205. Now this is the strange part. If I haven't had much traffic with another external IP address on those ports when forwarding was to .235, everything is fine, 5198/99 packets now go to .205. However, if I had already received a number of packets from another host, the udp 5198/99 packets from that host host STILL go to the .235 Windows machine. Doing a ipmasqadm portfw -l shows no rules to forward ANYTHING to .235. But, they still go to .235 and 5198/98 packets from other hosts go to .205! !! I have to restart the LEAF box to get ALL 5198/99 packets to go to the .205 machine. Am I missing something about how to completely clear the rules tables? -- Jeff [EMAIL PROTECTED] --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Completely clearing portfw rules
On Mon, 19 Aug 2002, Jeff wrote: I am having a problem on eigerstein and ipchains concerning port forwarding tables. There is an amateur radio app called echolink that is basically Speak Freely VOiP. It uses udp ports 5198 5199 for audio and control. On my leaf I normally have those ports portfw'ed to my 192.168.2.235 Windows laptop, echolink only runs on Windows. I am porting the app to Linux on my 192.168.2.205 machine. Ok, I want to test it. I ipmasqadm portfw -f to clear the rules forwarding udp 5198/99 to .235 and re-enter the rules to port forward the ports to .205. Now this is the strange part. If I haven't had much traffic with another external IP address on those ports when forwarding was to .235, everything is fine, 5198/99 packets now go to .205. However, if I had already received a number of packets from another host, the udp 5198/99 packets from that host host STILL go to the .235 Windows machine. Doing a ipmasqadm portfw -l shows no rules to forward ANYTHING to .235. But, they still go to .235 and 5198/98 packets from other hosts go to .205! !! I have to restart the LEAF box to get ALL 5198/99 packets to go to the .205 machine. Am I missing something about how to completely clear the rules tables? I don't think so. What you seem to be missing is the difference between forwarding rules and masquerading connections. I don't know of a way to clear out the masquerading connections with ipchains, but you can change the timeout values with ipchains -M -S tcp tcpfin udp Another puzzle is how to query what the actual timeout values _are_... I only know how to change the values. --- Jeff NewmillerThe . . Go Live... DCN:[EMAIL PROTECTED]Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/BatteriesO.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...2k --- --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Completely clearing portfw rules
On Monday 19 August 2002 11:35, Jeff wrote: I have to restart the LEAF box to get ALL 5198/99 packets to go to the .205 machine. Am I missing something about how to completely clear the rules tables? Are you give the command: svi ipfilter reload This flushes the filtering rules and reloads them. -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
