
Serious issue with ipchains and iptables





I think I may have discovered a pretty serious bug that appears to be
kernel related. First off here's the architecture:

I am using a cable modem for my connection to the world and it works
fine... no issues there.

I am using an Intel PII 450 with 64MB of RAM and 256MB of swap as an
ipchains/tables host and it is running 7.2 fully updated.

The external interface (eth1) is a LNE100TX [Linksys EtherFast 10/100]
and the internal (eth0) is a 3Com Corporation 3c905B 100BaseTX
[Cyclone].

I have tried several different scripts to handle the firewalling duties.
I've tried both the iptables and the ipchains versions of Plonk
(plonk.sourceforge.net) and MonMotha's Firewall 2.2.1
(http://t245.dyndns.org/~monmotha/firewall/index.php) and they all work.
I had been using Plonk for a long time and just started trying the
MonMotha yesterday in response to this problem.

Now to the problem...

Doing mail and browsing is just fine and I have no issues there. The
problem appeared when I was trying to FTP down some stuff which was
quite sizeable. The download would start and I'd get 10% done on a 40MB
download and then it would stop with no visible cause (a case in point
is today's xemacs update available via RHN). But not only did the ftp
stop but all outside connectivity would die. At first I thought I was
having a hardware problem but after a while I tried just rerunning the
firewall script and that would correct the problem (but that only worked
using iptables) though I had to restart the network to get that to work
with ipchains. I have tried all the installed kernels:

2.4.9-7enterprise
2.4.9-7
2.4.7-10enterprise
2.4.7-10

The problem occurs with all of these kernels and it occurs every time I
start to load up the connection.

Using ipchains I get this (below) message in the log with kernel logging
enabled in syslog but I see nothing of any significance in the kernel
log when I use iptables.

Oct 31 10:50:05 gateway kernel: Sorry: masquerading timeouts set 5DAYS/2MINS/60SECS

Has anybody seen this problem before?

--
csm
Free Dmitry!
Boycott Adobe!
Repeal the DMCA!
Stop the SSSCA!




