On Mon, 2003-05-12 at 08:00, Togan Muftuoglu wrote:
> > FW_MASQ_NETS="0/0"
> I would have placed the actual networks, as 0/0 means the whole internet.

I tried setting this like it "should" be set, with my internal and DMZ networks. It didn't make a difference.

> > FW_ALLOW_INCOMING_HIGHPORTS_UDP="domain ntp"
> So you do not have xntp running on the firewall machine, as I have not made xntp work above UDP:1023-

You're right. I haven't even tried to get ntpd running. I was just setting that in anticipation of doing it.

> Yet other than these two non-major things I do not see anything wrong with the setup. Hence it is even more weird than before.

I suppose the most important thing I've discovered is that it doesn't do this on the external interface. It's only doing it on the internal and DMZ interfaces. (Nor does it happen between the internal network and the DMZ.) To sum up: this is only happening when I try to SSH into my firewall from my internal network or my DMZ.

> Have you tried to capture the traffic when this weird thing happens? Maybe it would give a clue.

I tried capturing the output from `iptables -L' when it was happening and when it wasn't, then diff'ing them, but the rules aren't changing on me (as expected). So I guess this is the only thing left.

Regards,
dk
--
David "Dunkirk" Krider, http://www.davidkrider.com
Acts 17:28, "For in Him we live, and move, and have our being."
Linux: Will you use the power for good... or for AWESOME?
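As an added example, not part of the thread, here is one way to make the `iptables -L` comparison above more telling: rather than diffing the rule text (which does not change), compare the per-rule packet counters from `iptables -nvL` taken before and after one SSH attempt, so the rule that is actually catching the packets stands out. The two snapshots are constructed sample output; the interface names eth0/eth1 and the 192.168.1.0/24 network are assumptions, not values from the thread.

```shell
#!/bin/sh
# Constructed sample snapshots of `iptables -nvL` on a firewall: BEFORE was taken
# before an SSH attempt from the internal LAN (assumed eth1, 192.168.1.0/24),
# AFTER right after it. Only the per-rule packet counters differ.
BEFORE='Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
   12   720 ACCEPT     tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22
    0     0 DROP       tcp  --  eth1   *       192.168.1.0/24       0.0.0.0/0            tcp dpt:22
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 4
'
AFTER='Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
   12   720 ACCEPT     tcp  --  eth0   *       0.0.0.0/0            0.0.0.0/0            tcp dpt:22
    3   180 DROP       tcp  --  eth1   *       192.168.1.0/24       0.0.0.0/0            tcp dpt:22
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0            LOG flags 0 level 4
'

# counter_diff BEFORE_FILE AFTER_FILE
# Prints every rule whose packet counter moved between the two snapshots, as
# "CHAIN: old -> new pkts: rule". Rule text is the line minus its two counters
# (which iptables -v prints with K/M/G suffixes once they get large), with
# whitespace squeezed so the same rule keys identically in both files.
counter_diff() {
    awk '
        /^Chain /        { chain = $2; next }   # remember which chain we are in
        /^ *pkts +bytes/ { next }               # skip the column header
        NF >= 3 {
            rule = $0
            sub(/^ *[0-9]+[KMG]? +[0-9]+[KMG]? +/, "", rule)  # strip pkts/bytes
            gsub(/ +/, " ", rule)
            key = chain " " rule
            if (NR == FNR) { before[key] = $1; next }         # first file: record
            if ((key in before) && before[key] != $1)         # second file: compare
                printf "%s: %s -> %s pkts: %s\n", chain, before[key], $1, rule
        }' "$1" "$2"
}

# Demo on the constructed snapshots: only the DROP rule on eth1 should show up.
tmp=$(mktemp -d)
printf '%s' "$BEFORE" > "$tmp/before"
printf '%s' "$AFTER"  > "$tmp/after"
counter_diff "$tmp/before" "$tmp/after"
rm -rf "$tmp"
```

On the firewall itself the snapshots come from `iptables -nvL > before` and `iptables -nvL > after` around a single SSH attempt from the internal network. Since masquerading is in play, the same comparison on `iptables -t nat -nvL` output is worth a look as well.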