telnet/ssh disconnects... Possible NAT teardown?

Jeremy irwinr12 at yahoo.com
Fri Feb 6 17:16:48 UTC 2004 

--- Mike Klinke <lsomike at futzin.com> wrote:
> On Thursday 05 February 2004 18:57, Jeremy wrote:
> > --- Mike Klinke <lsomike at futzin.com> wrote:
> > > On Thursday 05 February 2004 16:49, Jeremy wrote:
> > > > Alright, I'm using Fedora Core 1.  My box is setup as a router
> > > > for the rest of my network.  It has two network cards, one 10
> > > > base card connected to a cable modem, and another 10/100
> > > > connected to my network switch.  I have iptables setup to do
> > > > masquerading.
> > > >
> > > > The problem...
> > > >
> > > > Telnet/SSH connections to the machine, from the outside world,
> > > > disconnect after 5-10 minutes of inactivity.  For example, I
> > > > can have 3 SSH connections to my box, neglect one window for a
> > > > few minutes, and when I go to that window and start typing, I
> > > > get a message from PuTTY saying I got disconnected.
> > > >
> > > > I've looked extensivly on the net trying to figure out what's
> > > > wrong and how to fix it.  I've come across a couple sites
> > > > saying that this could possibly be caused by a 'NAT teardown'. 
> > > > I'm new to iptables and NAT, so i'm not exactly sure what this
> > > > means.  I was under the impression that NAT timeouts on
> > > > CONNECTED connections was like 5 days of inactivity before it
> > > > would drop.  When I cat /proc/net/ip_conntrack, i see my
> > > > connections, and I see they have very high timeouts.
> > > >
> > > > I've looked through the iptables man page, as well as the
> > > > iptables/netfilter website, and i can't find anything relevent
> > > > to this.  Does anyone know how I might fix this?
> > > >
> > > > -Jeremy
> > >
> >
> > > watching the connection via tcpdump?
> >
> > No, I'm not familiar enough with tcpdump's syntax to know what to
> > look for. What command line options should I use?
> 
> Well one approach could be to monitor all traffic with the remotely 
> logged in host. For example on the server run:
> 
> tcpdump -nX host <client_ip> -i <interface(eth0 for example)>
> 
> Make your connection from the client and wait your 5 to 10 minutes. 
> See if either side initiates a disconnect or if the connection just 
> "disappeared."

Alright, I'll try that.

> 
> Does a telnet session from a client on the local network via the 
> inside nic also fail after this period of time?  

I'm not sure, I'm at a remote location at the moment, so I have no way of
testing that at this time.  I should be going home this weekend, and I'll try
it from there.

> 
> Have you temporarily stopped iptables and tried the same test?

No, I'll try that as well.

> 
> Regards,  Mike Klinke

Thanks
-Jeremy

__________________________________
Do you Yahoo!?
Yahoo! Finance: Get your refund fast by filing online.
http://taxes.yahoo.com/filing.html

More information about the fedora-list mailing list