Re: strange nat behaviour

To: debian-firewall@lists.debian.org
Subject: Re: strange nat behaviour
From: Jim Breton <vader@conflict.net>
Date: Sun, 6 May 2001 23:35:29 +0000
Message-id: <[🔎] 20010506233529985565.7991@conflict.net>
Mail-followup-to: debian-firewall@lists.debian.org
In-reply-to: <[🔎] 20010506232423.24437@smtp.wanadoo.fr>; from papa.pop@free.fr on Mon, May 07, 2001 at 01:24:23AM +0200
References: <[🔎] 20010506232423.24437@smtp.wanadoo.fr>

On Mon, May 07, 2001 at 01:24:23AM +0200, Michel Decima wrote:
> I'm using a linux box with netfilter to masquerade my home LAN
> and I have (very) strange behaviour whith some web sites: They
> are not reachable by the masqueraded workstation (but I can read
> them from the firewall). After the browser says 'connected to X'
> the connections stalls. I've checked the ECN feature, and it is
> not compiled in the kernel.

It's not immediately apparent to me what the problem is; however I would
suggest hooking up Ethereal or tcpdump and taking a look at the traffic
coming back from the unreachable site(s).

Perhaps some TCP options are being set that are not being allowed
through your firewall for some reason.  There must be _something_
different about the traffic and it should be fairly easy to find out
what it is.

-- 

Jim B.
vader@conflict.net

Reply to:

References:
- strange nat behaviour
  - From: Michel Decima <papa.pop@free.fr>

Prev by Date: strange nat behaviour
Next by Date: Re: strange nat behaviour
Previous by thread: strange nat behaviour
Next by thread: Re: strange nat behaviour
Index(es):
- Date
- Thread