Re: ipmasquerading stops when dialup service is dropped
tvn1981 <tvn1981@flashmail.com> wrote:
Hello, I have dialup and ip masq to share my dial up connection among my
personal network. The problem is when I stop the connection, and redial
again, I 'have' to rerun the rc.firewall in order for ipmasq to work.
Is this a normal behavior ? Is there anyway so that I don't have to
re-run rc.firewall everytime I redial ?
thanks
Without seeing your "rc.firewall" script, it is hard to give a precise
diagnosis, but here is what I suspect.
Your script is probably written to masquerade all INTERNAL traffic to
your EXTERNAL interface...i.e. PPP0. The problem with this is that the
PPP0 interface is created "on-the-fly" and only exists during the time
pppd has made a valid connection. When you don't have a connection, it
doesn't exist! You can check this out for yourself by running "ifconfg"
when not connected. As long as you run your "rc.firewall" script after
you connect, everything is fine until you disconnect... then there is
not place to forward the internal traffic.
The "fix" is as you have discovered... run the rc.firewall script
everytime after the connection is made and the PPP0 interface is
created. The only thing you are missing is just how to automate this
process.
Fortunately, there is an easy way I used when I had a dial-up. There
may be other ways, but this is the one that I know works from personal
experience. Using any text editor, open the /etc/ppp/ip-up file and
read it. Basically this script is run AFTER the ppp link is established
and the only action line says "run the scripts found in
/etc/ppp/ip-up.d/ ". It contains some other info about variables you
can use if you want. You might also want to read-up on the "run-parts"
command too. Anyway, the solution is to place a script (executable) in
/etc/ppp/ip-up.d/ directory that runs your "rc.firewall" script! There
Hello, I have dialup and ip masq to share my dial up connection among my
personal network. The problem is when I stop the connection, and redial
again, I 'have' to rerun the rc.firewall in order for ipmasq to work.
Is this a normal behavior ? Is there anyway so that I don't have to
re-run rc.firewall everytime I redial ?
thanks is also a /etc/ppp/ip-down file that does much the same thing
when the connection is ended in case you want to "reset" anything upon
disconnect. I never used this one much, but it works the same way. Be
careful how you name your new script. The "run-parts" command will
execute the scripts in a certain order depending upon their names. You
probably would want to run the ipmasq script before checking for new
mail on your ISP for example!
This solution worked for me for about 2-3 years without any problems.
Cheers,
-Don Spoon-
--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: