Re: ipchains conversion

Paul Rusty Russell (Paul.Russell@rustcorp.com.au)
Mon, 06 Sep 1999 05:21:51 +0930


In message <000801bef6d7$ff5a44a0$345bd8d1@defiant.binary-tech.net> you write:
> Rusty

[ Cc'd to Juanjo and linux-net: looks like a fragment reassembly
problem? Anyone seen this with OS/2 before? ]

>
> I've tried it with masquerading and without, same results either way.
> All other services work.
> No true proxy, just ipchains.
> I have some new findings.
> The traffic is affected both directions for all HTTP, server or client. I
> have an Apache server running on the OS/2 machine and I get the same
> messages when trying to connect to it from the internet.
> A TCPDUMP is squawking about fragments and timing out during "ip
> reassemble".

I think I'm going to need a copy of that tcpdump output. Make sure
you use `-n'.

Thanks.

> -----Original Message-----
> From: rusty@rustcorp.com.au [mailto:rusty@rustcorp.com.au] On Behalf Of Paul
> Rusty Russell
> Sent: Thursday, September 02, 1999 1:40 PM
> To: mhoit@gte.net
> Subject: Re: ipchains conversion
>
> In message <37CD185A.CD57A8BC@gte.net> you write:
> > Paul,
> >
> > I've been searching the net for info on this issue and your expertise
> > keeps popping up in my results list. I hope you answer questions like
> > this. I just converted from Redhat 5.2 to Redhat 6.0 and consequently
> > moved from ipfwadm to ipchains. Under the new configuration, an OS/2
> > machine on the network can no longer connect to HTTPD sites. Telnet and
> > FTP continue to work, although slow. When I try to connect I receive a
> > "Broken Pipe" from Netscape. I can connect to the site, but never
> > receive any data back.
>
> How wierd. Are you masquerading? Does everything else work? Is the
> OS/2 machine trying to connect directly, or use an http proxy (what do
> you mean by HTTPD sites?).
>
> A tcpdump (ideally from an unrelated machine on the same network as
> the OS/2 box) might help here...
>
> Curious,
> Rusty.
> --
> Hacking time.
>

--
Hacking time.
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.rutgers.edu