[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
RE: Serious issue with ipchains and iptables
- From: "Burke, Thomas G." <thomas_g_burke md northgrum com>
- To: "'redhat-list redhat com'" <redhat-list redhat com>
- Subject: RE: Serious issue with ipchains and iptables
- Date: Wed, 31 Oct 2001 12:33:15 -0500
Hermm... Well, I just blew my load & it's all I had... I'm still trying
to figure out wtf is going on on my box...
> -----Original Message-----
> From: Chuck Mead [SMTP:csm MoonGroup com]
> Sent: Wednesday, October 31, 2001 11:56 AM
> To: 'redhat-list redhat com'
> Subject: RE: Serious issue with ipchains and iptables
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Wed, 31 Oct 2001, Burke, Thomas G. posted the following:
>
> BTG>Generally, at the end of most ipchains scripts (that I've seen
> anyways)
> BTG>there's a set of lines to tell the ipchains engine how long to allow
> masq'd
> BTG>connections to stay alive... As I recall, the default is rediculously
> BTG>short, so we generally add the following (or similar) lines (taken
> from my
> BTG>firewall):
> BTG>
> BTG>#
> BTG># Masq timeouts - tcp 8hrs, tcp after fin pkt 60s, udp 10min
> BTG>$IPCHAINS -M -S 14400 60 600
> BTG>echo -n "."
> BTG>#
> BTG>#
> BTG>
> BTG>I imagine that if I had a single connection that lasted longer than
> those
> BTG>settings, I would get a similar message & get cut off... Could your
> problem
> BTG>be thus related? Is your ftp time longer than what the firewall is
> BTG>allowing?
>
> Since I have the same problem with iptables and ipchains I have been
> looking elsewhere. It's not a timeout on the ftp connection... it's
> shutting down everything... no ssh, no mail, no browsing... nothing
> until I restart the firewall.
>
> - --
> csm
> Free Dmitry!
> Boycott Adobe!
> Repeal the DMCA!
> Stop the SSSCA!
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.6 (GNU/Linux)
> Comment: For info see http://www.gnupg.org
>
> iEYEARECAAYFAjvgLTEACgkQv6Gjsf2pQ0qYiQCeJZ19MZHPWWjZmFYiy9GNVL8r
> PfAAoIwdoOOemi0bIMCqQA8PPbXzU6Sb
> =Eswp
> -----END PGP SIGNATURE-----
>
>
>
> _______________________________________________
> Redhat-list mailing list
> Redhat-list redhat com
> https://listman.redhat.com/mailman/listinfo/redhat-list
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]