Re: [masq] Masq problems in 2.0.35pre (rumoured) (fwd)(SOLVED)

David R. Forrest Wed, 29 Jul 1998 17:55:15 -0400
On Wed, 29 Jul 1998, David A. Ranch wrote:

> 
> >with kernel 2.0.35, with cacheing named, and sometimes it works well, and
> >sometimes not.  What doesn't work well is a Win 95 box on my network
> >looking at http://www.linuxhq.com (and many others).  
> 
> Did this happen with 2.0.34?  Personally, this sounds like our
> famous MTU bug.  Set your Internet connection's MTU to 1500
> and try again.

I've only set this up on the new kernel. My MTUs were set as:

W95(MTU=1500)-ethernet--(MTU=1006)eth0:Linux:diald(MTU1500)-phone-internet

Now:
W95(MTU=1500)-ethernet--(MTU=1500)eth0:Linux:diald(MTU1500)-phone-internet

It works fine now.  I hate running into infamous bugs.  Thank you.

I would guess that the route had fragmented the longer web pages, leaving
the short 'this page isn't here' pages to get through un-fragmented,
causing my spurious problem.  

  Is this problem also fixed with the MTU patch
http://www.indyramp.com/mirrors/ipmasq/masq-mtu-fix-0.3.patch.gz referred
to on the http://www.indyramp.com/mirrors/ipmasq/ resources page? 

Dave.  

PS: My working setup for diald, dynamic IP with first connection contact,
Linux 2.0.35/slackware, etc. is pasted on the end, along with the program
I used to generate the info.  Dave

> 
> --DAvid
> .----------------------------------------------------------------------------.
> |  David A. Ranch - Remote Access/Linux/PC hardware      [EMAIL PROTECTED]  |
> !----                                                                    ----!
> `----- For more detailed info, see http://www.ecst.csuchico.edu/~dranch -----'
> 

 .................................................................
 Dave Forrest                                [EMAIL PROTECTED]
 (804)-979-8634               http://watt.seas.virginia.edu/~drf5n



Working Configuration:
#### cat /etc/rc.d.rc.ipfw
#!/bin/sh
set -x ; # set +x;
# Setup IP firewalling/masquerading
# see http://www.indyramp.com/masq/
INSIDE=192.168.102.0/24
ANYWHERE=0.0.0.0/0
OUTSIDE=${ANYWHERE}
# Flush all commands
/sbin/ipfwadm -F -f
/sbin/ipfwadm -I -f
/sbin/ipfwadm -O -f
#per IP Masquerade Mini-Faq:
#  http://www.indyramp.com/mirrors/ipmasq/ipmasq-HOWTO.html
/sbin/ipfwadm -O -p accept
/sbin/ipfwadm -I -p accept
/sbin/ipfwadm -F -p deny
/sbin/ipfwadm -I -i deny -W sl0 -S ${INSIDE} -D ${ANYWHERE}
/sbin/ipfwadm -F  -a m -S ${INSIDE} -D ${OUTSIDE}
# enable first-packet re-writing per 
# http://www.linuxhq.com/patch/20-p0468.html
echo 1 > /proc/sys/net/ipv4/ip_dynaddr

# handy commands:
# cd /lib/modules/`uname -r`/ipv4 ; ls -a ip_masq* # lists the ipmasq
modules
# grep '' /proc/sys/net/ipv4/*  # shows the ip kernel setups
# ipfwadm -F -l ; ipfwadm -I -l ; ipfwadm -O -l ; ipfwadm -M -l # lists
# ifconfig  #

####  ipfwadm -F -l ; ipfwadm -I -l ; ipfwadm -O -l ; ipfwadm -M -l
IP firewall forward rules, default policy: deny
typ prot source               destination          ports
msq all  localnet/24          anywhere             n/a
IP firewall input rules, default policy: accept
typ prot source               destination          ports
den all  localnet/24          anywhere             n/a
IP firewall output rules, default policy: accept
IP masquerading entries
prot expire   source               destination          ports
tcp  03:15.44 hob.forrest          204.209.212.113      1192 (61495) ->
wwwtcp  10:34.18 hob.forrest          alyssa.indyramp.com  1197 (61499) ->
wwwtcp  10:41.42 hob.forrest          dijon.nais.com       1199 (61500) ->
wwwtcp  14:13.65 hob.forrest          watt.seas.virginia.edu 1178 (61482)
-> telnet
####  ls -a /lib/modules/`uname -r`/ipv4/ip_masq*
/lib/modules/2.0.35/ipv4/ip_masq_cuseeme.o
/lib/modules/2.0.35/ipv4/ip_masq_ftp.o
/lib/modules/2.0.35/ipv4/ip_masq_irc.o
/lib/modules/2.0.35/ipv4/ip_masq_quake.o
/lib/modules/2.0.35/ipv4/ip_masq_raudio.o
/lib/modules/2.0.35/ipv4/ip_masq_vdolive.o

####  grep '' /proc/sys/net/ipv4/*  # shows the ip kernel setups
/proc/sys/net/ipv4/arp_check_interval:6000
/proc/sys/net/ipv4/arp_confirm_interval:30000
/proc/sys/net/ipv4/arp_confirm_timeout:500
/proc/sys/net/ipv4/arp_dead_res_time:6000
/proc/sys/net/ipv4/arp_max_tries:3
/proc/sys/net/ipv4/arp_res_time:500
/proc/sys/net/ipv4/arp_timeout:6000
/proc/sys/net/ipv4/ip_dynaddr:1
/proc/sys/net/ipv4/ip_forward:1

####  ifconfig  #
lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Bcast:127.255.255.255  Mask:255.0.0.0
          UP BROADCAST LOOPBACK RUNNING  MTU:3584  Metric:1
          RX packets:3575 errors:0 dropped:0 overruns:0
          TX packets:3575 errors:0 dropped:0 overruns:0

eth0      Link encap:10Mbps Ethernet  HWaddr 00:40:05:24:34:84
          inet addr:192.168.102.10  Bcast:129.168.102.255
Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:316693 errors:0 dropped:0 overruns:0
          TX packets:286995 errors:0 dropped:0 overruns:0
          Interrupt:11 Base address:0x300 

sl0       Link encap:Serial Line IP  
          inet addr:192.168.102.1  P-t-P:192.168.102.2  Mask:255.255.255.0
          UP POINTOPOINT RUNNING  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0
          TX packets:140 errors:0 dropped:0 overruns:0

ppp0      Link encap:Point-Point Protocol  
          inet addr:205.139.233.151  P-t-P:205.197.102.56
Mask:255.255.255.0
          UP POINTOPOINT RUNNING  MTU:1500  Metric:1
          RX packets:2226 errors:0 dropped:0 overruns:0
          TX packets:2510 errors:0 dropped:0 overruns:0


####  route -n  # list the routing table w/o DNS lookups
Kernel routing table
Destination     Gateway         Genmask         Flags MSS    Window Use
Iface
192.168.102.2   *               255.255.255.255 UH    1500   0        0
sl0
205.197.102.56  *               255.255.255.255 UH    1500   0        0
ppp0
192.168.102.0   *               255.255.255.0   U     1006   0       98
eth0
127.0.0.0       *               255.0.0.0       U     3584   0       50 lo
default         *               *               U     1500   0       18
ppp0
default         *               *               U     1500   0       57
sl0

####  cat /etc/diald.conf
mode ppp
connect "chat -f /etc/chat_script.cstone"
device /dev/cua1
speed 115200
modem
lock
crtscts
local 192.168.102.1
remote 192.168.102.2
dynamic
defaultroute
fifo /var/adm/diald
proxyarp
include /usr/lib/diald/standard.filter

####  cat /etc/rc.d/check.ipfw
#!/bin/sh
#set -x ; # set +x; # Check the IP firewalling setup
# handy commands for checking the firewall:
echo -e '\n#### cat /etc/rc.d.rc.ipfw'
                cat /etc/rc.d/rc.ipfw
echo -e '\n####  ipfwadm -F -l ; ipfwadm -I -l ; ipfwadm -O -l ; ipfwadm
-M -l'
                 ipfwadm -F -l ; ipfwadm -I -l ; ipfwadm -O -l ; ipfwadm
-M -l
echo -e '\n####  ls -a /lib/modules/`uname -r`/ipv4/ip_masq*'
                 ls -a /lib/modules/`uname -r`/ipv4/ip_masq* 
echo -e "\n####  grep '' /proc/sys/net/ipv4/*  # shows the ip kernel
setups"
                 grep '' /proc/sys/net/ipv4/*  # shows the ip kernel
setups
echo -e '\n####  ifconfig  #'
                 ifconfig  #
echo -e '\n####  route -n  # list the routing table w/o DNS lookups'
                 route -n  # list the routing table w/o DNS lookups
echo -e '\n####  cat /etc/diald.conf'
                 cat /etc/diald.conf
echo -e '\n####  cat /etc/rc.d/check.ipfw'
                 cat /etc/rc.d/check.ipfw



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]
Re: [masq] Masq problems in 2.0.35pre (rumoured) (fwd)(SOLVED)

Reply via email to
