Re: 2.1.17: masquerading still broken

Chris Faylor (cgf@bbc.com)
Mon, 23 Dec 1996 16:37:35 GMT


In article <Pine.LNX.3.95.961222231219.341A-100000@earth.terran.org>,
B. James Phillippe <bryan@terran.org> wrote:
>Hello All!
>
> I'm wondering if IP masquerading is working for anyone out there,
>past 2.1.8. If anyone has it working, could you offer to help me see what
>it is that I've done wrong? FWIW, I hope we're not phasing out the
>feature; it's really useful to a lot of people! If it's on indefinite
>hold, we might want to consider removing the option from the configuration
>process(?). Anyway, I tried applying the posted fix (against 2.1.14), but
>that didn't work any differently. Any advice? Or, is "be patient" the
>best thing for me to do right now?
>
>Thanks for consideration, and Merry Christmas to you!

I've gotten masquerading working on 2.1.17 with the patch below. This
is a variation of a patch submitted by Matt Cross (profesor@harmless.gweep.net)
for 2.1.14.

Once it is installed you also need to:

echo 1 > /proc/sys/net/ipv4/ip_forwarding

Hope this helps.

--- ip_masq.c.2.1.17 Wed Dec 18 15:06:05 1996
+++ ip_masq.c Sun Dec 22 13:56:13 1996
@@ -566,7 +557,10 @@
else timeout = ip_masq_expire->tcp_timeout;

skb->csum = csum_partial((void *)(th + 1), size - sizeof(*th), 0);
- tcp_v4_check(th, size, iph->saddr, iph->daddr, skb->csum);
+ th->check = 0;
+ th->check = tcp_v4_check(th, size, iph->saddr, iph->daddr,
+ csum_partial ((char *)th, sizeof(*th),
+ skb->csum));
}
ip_masq_set_expire(ms, timeout);
ip_send_check(iph);
@@ -898,9 +892,11 @@
len - sizeof(struct tcphdr), 0);
th = (struct tcphdr *) portptr;
th->check = 0;
-
- tcp_v4_check(th, len, iph->saddr, iph->daddr,
- skb->csum);
+ th->check = tcp_v4_check(th, len, iph->saddr,
+ iph->daddr,
+ csum_partial((char *)th,
+ sizeof(*th),
+ skb->csum));

/* Check if TCP FIN or RST */
if (th->fin)

-- 
http://www.bbc.com/	cgf@bbc.com			"Strange how unreal
VMS=>UNIX Solutions	Boston Business Computing	 the real can be."