IP Masq

Kopf

I recently re-installed Linux (slak 7.1) on my gateway, and for some reason IP Masquerading isn't working very well..

There are 2 boxes on my network: rocket (the gateway, 192.168.1.2) and galapogus (another box, 192.168.1.1). I've never had any trouble with IPMasquerading before, but right now, when I connect, galapogus seems to receive data *very* slowly from the internet (at about .5kb per second, on a 56kbps modem)... It still seems to be able to get through to the net, but even getting to this page on boards.ie took a good few minutes.

Here are my firewall rules.. Does anyone have any ideas?

/sbin/depmod -a
/sbin/modprobe ip_masq_ftp
/sbin/modprobe ip_masq_raudio
/sbin/modprobe ip_masq_irc
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/ip_always_defrag
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
/sbin/ipchains -M -S 7200 10 160
/sbin/ipchains -P forward DENY
/sbin/ipchains -A forward -s 192.168.1.1/24 -j MASQ

Kopf

<font face="Verdana, Arial" size="2">Originally posted by flamegrill:
[kopf]

here try this: this is the basic ipchains rule set i use when stuff isnt working.

echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/ip_always_defrag
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
ipchains -P forward DENY
ipchains -A forward -i ppp0 -j MASQ
insmod ip_masq_ftp


/me points out that this is very similar, that is noted. if all else fails just use these 2 on there own.

ipchains -P forward DENY
ipchains -A forward -i ppp0 -j MASQ
</font>

[This message has been edited by flamegrill (edited 02-08-2001).]

That didn't work... I've noticed that what happens is that about 3kb is transfered over eth0 every.. one or two seconds.. while the modem is going away to beat the band.. Does ANYONE *Please* have any ideas on this? It's making life very difficult.

flamegrill

[kopf]

here try this: this is the basic ipchains rule set i use when stuff isnt working.

echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/ip_always_defrag
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
ipchains -P forward DENY
ipchains -A forward -i ppp0 -j MASQ
insmod ip_masq_ftp


/me points out that this is very similar, that is noted. if all else fails just use these 2 on there own.

<font face="Verdana, Arial" size="2">
ipchains -P forward DENY
ipchains -A forward -i ppp0 -j MASQ
</font>

[This message has been edited by flamegrill (edited 02-08-2001).]

Gavin

Perhaps run tcpdump and see what the packets are doing ?

Gav

moist

Erm what sort of speeds is your gateway getting to the internet ??
If thats slow aswell I'd immagine that the problem is there.
Could be somthing like a really small MTU on
the packets going out your ppp interface.
or perhaps your getting DOSed (perhaps by accident).

check what network connections are connected with netstat -a or lsof.

See if you can run tcpdump on the ppp interface tcpdump -i ppp0 and check weather packets are going somewhere they shouldn't be.

hmm.. also check what speed your dialing up at

Kopf

<font face="Verdana, Arial" size="2">Originally posted by moist:

Erm what sort of speeds is your gateway getting to the internet ??
If thats slow aswell I'd immagine that the problem is there.
Could be somthing like a really small MTU on
the packets going out your ppp interface.
or perhaps your getting DOSed (perhaps by accident).

check what network connections are connected with netstat -a or lsof.

See if you can run tcpdump on the ppp interface tcpdump -i ppp0 and check weather packets are going somewhere they shouldn't be.

hmm.. also check what speed your dialing up at
</font>

It's all ok, i re-installed slak on the gateway, and now it's all going great. thanks anyways!