strange nat behaviour

To: <debian-firewall@lists.debian.org>
Subject: strange nat behaviour
From: Michel Decima <papa.pop@free.fr>
Date: Mon, 7 May 2001 01:24:23 +0200
Message-id: <[🔎] 20010506232423.24437@smtp.wanadoo.fr>

Hello everybody

I'm using a linux box with netfilter to masquerade my home LAN
and I have (very) strange behaviour whith some web sites: They
are not reachable by the masqueraded workstation (but I can read
them from the firewall). After the browser says 'connected to X'
the connections stalls. I've checked the ECN feature, and it is
not compiled in the kernel.

Right now, my configuration is as small as possible:

  iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
  echo 1 > /proc/sys/net/ipv4/ip_forward

and the problem is always the same... Does anybody have an idea ?
Thanks.

Firewall:
  Debian Woody
  Kernel 2.4.4, all netfiler options in kernel
  iptables 1.2
  can load slashdot.org and www.versiontracker.com

Workstation:
  PowerMac G3
  MacOS 9.1 (and MacOS 9.0.4, MacOS X)
  can load slashdot.org, but www.versiontracker.com is 
  unreachable.

Reply to:

Follow-Ups:
- Re: strange nat behaviour
  - From: Jim Breton <vader@conflict.net>
- Re: strange nat behaviour
  - From: Francois Gouget <fgouget@free.fr>
- Re: strange nat behaviour
  - From: Samu <samu@linuxasylum.net>
- Re: strange nat behaviour
  - From: Mark Eichin <eichin@thok.org>
- strange nat behaviour (solved)
  - From: Michel Decima <papa.pop@free.fr>

Prev by Date: Unidentified subject!
Next by Date: Re: strange nat behaviour
Previous by thread: Unidentified subject!
Next by thread: Re: strange nat behaviour
Index(es):
- Date
- Thread