I don't know how napster works, but you can quickly see what is going wrong
changing your rules in this way:
/sbin/ipchains -P forward ACCEPT
/sbin/ipchains -A forward -p tcp --destination-port 6699 -j MASQ
/sbin/ipchains -A forward -i eth1 -p all -s 10.11.12.0/24 -j ACCEPT
/sbin/ipchains -A forward -j DENY -l <----- here you log everything that
(I would do the same with the INPUT chain)
And then in a terminal using for example "tail -f /var/log/messages" you can
see what is going up.
> Dear Linux-net,
> I have a problem setting up my masquerading linuxrouter to forward
> napsterclients. I (on the private side of the router) can do downloads
> other clients, but the other clients are not able to do downloads from me.
> Napster sees that people are trying, but the status of their uploads is
> "Waiting...". The setup is as follows:
> The home-LAN is 10.11.12.0/24. napster is running on a windowsclient which
> is adressed 10.11.12.12. The router is assigned a static public IP on the
> outside (eth1) and 10.11.12.13 on the LAN-side (eth0). I used the
> lines, which in my opinion should work, straightforward as it is:
> /sbin/ipchains -P forward DENY
> /sbin/ipchains -A forward -p tcp --destination-port 6699 -j MASQ
> /sbin/ipchains -A forward -i eth1 -p all -s 10.11.12.0/24 -j ACCEPT
> But it doesn't. It attempts to masq all outgoing traffic, which works and
> attempts to deny all incoming traffic except trafic to port 6699, which is
> the port I configured in napster. It denys all though, except for
> connections initiated from the LAN.
> Can anyone please tell me what I'm doing wrong?
> Serge Maandag.
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to firstname.lastname@example.org
This archive was generated by hypermail 2b29 : Mon Jan 31 2000 - 21:00:34 EST