
Re: firewall/http problem with 2.4 kernel



> On Thu, Sep 13, 2001 at 01:22:57PM +0100, Edgar Denny wrote:
> > I can't seem to get http working through my firewall. At first I
> > thought it was an ECN problem, but I disabled it when I built
> > the kernel. Also, ssh works fine through the firewall. http also works
> > fine when I connect to other machines behind the firewall. My i386,
> > which is also running a 2.4 kernel, has no problems.
> 
> What do you mean by "not working"?  Are packets getting out? are they
> coming back?  Could be a fragmentation or MTU discovery problem.
> 

OK,

I've looked at the firewall logs, the packets from my Alpha get through 
the firewall, but the response from the external http server is denied.

A typical line from the log file is:
24032:Sep 11 15:40:20 firewall kernel: Packet log: input - eth1 PROTO=6 209.116.70.80:80 155.198.83.63:34734 L=60 S=0x00 I=44910 F=0x4000 T=42 (#114)

The reason they are denied is because a firewall rule denies any incoming
http connections above port number 5999. Here the port number is 34734.

Though I don't understand http clearly, presumably this is because it is
the port my machine opened to make the http connection in the first place.
Anyone have any idea why my Alpha is choosing such a high port number, and 
how can I fix it?

Thanks,

Edgar.
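
Added example, not part of the original message: a parser for the "Packet log" line format quoted above that flags TCP packets sent from a server port to a client port above the 5999 ceiling the message describes, and counts them per client and rule. SERVER_PORTS, the function names, and every sample line after the first are assumptions constructed for illustration.

```python
import re

# Fields of the "Packet log" line quoted in the message.
LOG_RE = re.compile(
    r"Packet log: (?P<chain>\S+) (?P<action>\S+) (?P<iface>\S+) "
    r"PROTO=(?P<proto>\d+) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) (?P<dst>[\d.]+):(?P<dport>\d+) "
    r"L=(?P<length>\d+) .*?\(#(?P<rule>\d+)\)"
)
INT_FIELDS = ("proto", "sport", "dport", "length", "rule")
PORT_CEILING = 5999   # from the message: destination ports above this are denied
SERVER_PORTS = {80}   # assumption: source port 80 means an HTTP server replying

def parse_line(line):
    """Return the log fields as a dict, or None if the line does not match."""
    m = LOG_RE.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    for key in INT_FIELDS:
        rec[key] = int(rec[key])
    return rec

def is_blocked_reply(rec, ceiling=PORT_CEILING):
    """True for a TCP packet from a server port to a port above the ceiling."""
    return (rec["proto"] == 6 and rec["sport"] in SERVER_PORTS
            and rec["dport"] > ceiling)

def summarize(lines):
    """Count flagged packets per (client address, rule number)."""
    counts = {}
    for line in lines:
        rec = parse_line(line)
        if rec and is_blocked_reply(rec):
            key = (rec["dst"], rec["rule"])
            counts[key] = counts.get(key, 0) + 1
    return counts

SAMPLE = [
    # The first line is the one quoted in the message; the rest are constructed.
    "24032:Sep 11 15:40:20 firewall kernel: Packet log: input - eth1 PROTO=6 209.116.70.80:80 155.198.83.63:34734 L=60 S=0x00 I=44910 F=0x4000 T=42 (#114)",
    "Sep 11 15:40:23 firewall kernel: Packet log: input - eth1 PROTO=6 209.116.70.80:80 155.198.83.63:34735 L=60 S=0x00 I=44911 F=0x4000 T=42 (#114)",
    "Sep 11 15:41:02 firewall kernel: Packet log: input - eth1 PROTO=6 209.116.70.80:80 155.198.83.64:4021 L=60 S=0x00 I=51200 F=0x4000 T=42 (#12)",
    "Sep 11 15:41:05 firewall kernel: eth1: link up",
]

if __name__ == "__main__":
    for (client, rule), n in summarize(SAMPLE).items():
        print(f"{client}: {n} server replies dropped by rule #{rule}")
```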


