IPchains, masquerading and napster

From: Serge Maandag (serge@staff.zeelandnet.nl)
Date: Sun Jan 30 2000 - 18:15:36 EST


Dear Linux-net,
 
I have a problem setting up my masquerading linuxrouter to forward
napsterclients. I (on the private side of the router) can do downloads from
other clients, but the other clients are not able to do downloads from me.
Napster sees that people are trying, but the status of their uploads is
"Waiting...". The setup is as follows:
 
The home-LAN is 10.11.12.0/24. napster is running on a windowsclient which
is adressed 10.11.12.12. The router is assigned a static public IP on the
outside (eth1) and 10.11.12.13 on the LAN-side (eth0). I used the following
lines, which in my opinion should work, straightforward as it is:
 
/sbin/ipchains -P forward DENY
/sbin/ipchains -A forward -p tcp --destination-port 6699 -j MASQ
/sbin/ipchains -A forward -i eth1 -p all -s 10.11.12.0/24 -j ACCEPT
 
But it doesn't. It attempts to masq all outgoing traffic, which works and
attempts to deny all incoming traffic except trafic to port 6699, which is
the port I configured in napster. It denys all though, except for
connections initiated from the LAN.
 
Can anyone please tell me what I'm doing wrong?
 
Serge Maandag.

-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.rutgers.edu



This archive was generated by hypermail 2b29 : Mon Jan 31 2000 - 21:00:33 EST