Weird Routing/IP-Masquerading issue

To: debian-user@lists.debian.org
Subject: Weird Routing/IP-Masquerading issue
From: Stephen Pitts <smpitts@midsouth.rr.com>
Date: Sun, 28 Nov 1999 21:01:53 -0600
Message-id: <[🔎] 19991128210153.A522@magellan.midsouth.rr.com>

orwell has two ethernet cards and serves as the router for my home
network. eth0 connects to a cable modem with IP 24.x.x.x.x (assigned via
DHCP). eth1 connects to the home network with ip 192.168.1.1. The routing 
works fine, and I never have any problems getting to the outside world from
any of the other systems on the network...except for orwell. 

When I'm actually physically logged into orwell, I'm sometimes unable to
establish TCP connections with the outside world. I just ran
fetchmail on magellan (192.168.1.2) and it connected to my ISP's POP
server fine. But, even as I speak, fetchmail on orwell is blocking on the
connect() call because it cannot establish a TCP connection with the
outside world. I'm totally bewildered. Twenty minutes from now, it could
work fine.

Instead of using the ipmasq package, I setup the network and some
special IP-Masquerading hacks (for Napster, DirectX, and ICQ) through
/etc/init.d/network, which I've attached. I also use portfw to forward
orwell:81 to magellan:8080 to let others access my Zope server, but I
don't think that that is an issue either. I'm running Debian potato and
kernel 2.2.12 on orwell. 

Does anyone have any ideas? Please CC me as I'm not currently subscribed
to debian-user (I can only handle one high-traffic list, and zope takes
the cake!)
-- 
Stephen Pitts
smpitts@midsouth.rr.com
webmaster - http://www.mschess.org

#! /bin/sh
ifconfig lo 127.0.0.1

# internal network is hard-coded; external is setup by DHCP
ifconfig eth0 > /dev/null
ifconfig eth1 192.168.1.1 netmask 255.255.255.0

ipchains -P forward DENY
ipchains -A forward -s 192.168.1.0/16 -j MASQ
echo "1" > /proc/sys/net/ipv4/ip_forward

# for DirectPlay games :-)
ipmasqadm autofw -A -r udp 2300 2400 -h 192.168.1.2
ipmasqadm autofw -A -r tcp 2300 2400 -h 192.168.1.2
ipmasqadm autofw -A -r udp 47624 47624 -h 192.168.1.2
ipmasqadm autofw -A -r tcp 47624 47624 -h 192.168.1.2  

# for napster
ipmasqadm autofw -A -r tcp 6699	 6699 -h 192.168.1.2

# for ICQ
ipmasqadm autofw -A -r tcp 31000 32000 -h 192.168.1.2

Reply to:

Prev by Date: Re: Windows moving active partition mark
Next by Date: Re: Netscape configuration; Fortify
Previous by thread: New users looking for sources.list
Next by thread: who broken?
Index(es):
- Date
- Thread