Is there anything that identifies traffic as coming from an internal LAN
machine via ip masquerade as opposed to direct from an internet-connected
machine, apart from the 64nnn source ports used by ipmasq?

I have an ip masquerading 486 connecting our LAN to the net.
From other LAN machines, http connections to some (but only some) web
servers get the headers and the separating CRLF, but no HTML content.
When I telnet into the host on port 80, I get the headers and the
CRLF, then the connection remains open but nothing further gets
received. The traffic isn't being dropped by the masq box. By contrast,
from the ipmasqing box itself, everything works fine - I get the headers
and the content.

It's nothing special about the source ports used by ipmasq, because I
checked this from a different linux 2.2 box not running masquerading, by
using netcat to set the source port. That worked fine.

This happens whether the internal LAN machine is linux 2.2, win2k or
win98, and on three internal machines.

I can't figure out how different stuff happens to masqueraded and
non-masqueraded traffic, if the only respect in which the two types of
traffic differ is the source port.

I can't ping or traceroute the offending hosts, but this appears to be
just a misconfigured firewall on their end that drops ICMPs it shouldn't.
That shouldn't cause this weird behaviour as I understand things...

--matt



-- 
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
