Can anyone help me out with IP Masquerade in SuSE 6.4 on my dialup link? With my ISP it works fine for ping, ftp, telnet and smtp, but the http packets never come back. I tried another ISP, and then http works too. OK, my ISP may be blocking the port numbers IP Masquerade is using. But if I use Freesco to masquerade, everything works OK, even with my ISP. Experiments are all repeatable. Does Freesco use different port numbers to masquerade than SuSE? How can I configure SuSE to work like Freesco? - I need more services on the router than Freesco offers.
Richard Smith wrote:
Can anyone help me out with IP Masquerade in SuSE 6.4 on my dialup link? With my ISP it works fine for ping, ftp, telnet and smtp, but the http packets never come back. I tried another ISP, and then http works too. OK, my ISP may be blocking the port numbers IP Masquerade is using. But if I use Freesco to masquerade, everything works OK, even with my ISP. Experiments are all repeatable. Does Freesco use different port numbers to masquerade than SuSE? How can I configure SuSE to work like Freesco? - I need more services on the router than Freesco offers.
Does your ISP use an http proxy? Maybe you should enable the correct port for their proxy (i.e. 8080, 8088, etc.) -- Joe & Sesil Morris New Tribes Mission Email Address: Joe_Morris@ntm.org Web Address: http://home.beseen.com/churches/joe_morris
On Fri, 16 Feb 2001, you wrote:
Richard Smith wrote:
Can anyone help me out with IP Masquerade in SuSE 6.4 on my dialup link? With my ISP it works fine for ping, ftp, telnet and smtp, but the http packets never come back. I tried another ISP, and then http works too. OK, my ISP may be blocking the port numbers IP Masquerade is using. But if I use Freesco to masquerade, everything works OK, even with my ISP. Experiments are all repeatable. Does Freesco use different port numbers to masquerade than SuSE? How can I configure SuSE to work like Freesco? - I need more services on the router than Freesco offers.
Does your ISP use an http proxy? Maybe you should enable the correct port for their proxy (i.e. 8080, 8088, etc.)
Thanks for the reply - I'm not sure of the answer and my ISP is pretty slow about answering the harder questions. How can I tell if the alternative http ports are enabled? I can try enabling them, but I don't know where to look.
Richard Smith wrote:
On Fri, 16 Feb 2001, you wrote:
Richard Smith wrote:
Can anyone help me out with IP Masquerade in SuSE 6.4 on my dialup link? With my ISP it works fine for ping, ftp, telnet and smtp, but the http packets never come back. I tried another ISP, and then http works too. OK, my ISP may be blocking the port numbers IP Masquerade is using. But if I use Freesco to masquerade, everything works OK, even with my ISP. Experiments are all repeatable. Does Freesco use different port numbers to masquerade than SuSE? How can I configure SuSE to work like Freesco? - I need more services on the router than Freesco offers.
Does your ISP use an http proxy? Maybe you should enable the correct port for their proxy (i.e. 8080, 8088, etc.)
Thanks for the reply - I'm not sure of the answer and my ISP is pretty slow about answering the harder questions. How can I tell if the alternative http ports are enabled? I can try enabling them, but I don't know where to look.
Check /etc/rc.config.d/firewall.rc..config -- Joe & Sesil Morris New Tribes Mission Email Address: Joe_Morris@ntm.org Web Address: http://home.beseen.com/churches/joe_morris
Richard Smith wrote:
Can anyone help me out with IP Masquerade in SuSE 6.4 on my dialup link? With my ISP it works fine for ping, ftp, telnet and smtp, but the http packets never come back. I tried another ISP, and then http works too. OK, my ISP may be blocking the port numbers IP Masquerade is using. But if I use Freesco to masquerade, everything works OK, even with my ISP. Experiments are all repeatable. Does Freesco use different port numbers to masquerade than SuSE? How can I configure SuSE to work like Freesco? - I need more services on the router than Freesco offers.
Does your ISP use an http proxy? Maybe you should enable the correct port for their proxy (i.e. 8080, 8088, etc.)
Thanks for the reply - I'm not sure of the answer and my ISP is pretty slow about answering the harder questions. How can I tell if the alternative http ports are enabled? I can try enabling them, but I don't know where to look.
Check /etc/rc.config.d/firewall.rc..config
Ah - I'm not using the SuSE firewall (START_FW="no" in /etc/rc.config). I will try to get that working once the simple stuff works! I have IP_DYNIP=yes, IP_TCP_SYNCOOKIES=yes and IP_FORWARD=yes in /etc/rc.config. I have named running, and in /sbin/init.d/boot.local I have /sbin/ipchains -A forward -s 10.0.0.2/24 -j MASQ /sbin/ipchains -A forward -s 10.0.0.3/24 -j MASQ /sbin/modprobe ip_masq_ftp /sbin/modprobe ip_masq_quake /sbin/modprobe ip_masq_irc /sbin/modprobe ip_masq_user /sbin/modprobe ip_masq_raudio The /etc/rc.config.d/firewall.rc.config entries presumeably alter more basic config files - do you know what they are? Perhaps I should use the SuSE firewall, but I can't get ANYTHING to work with that.
Richard Smith wrote:The /etc/rc.config.d/firewall.rc.config entries presumeably alter more basic
config files - do you know what they are? Perhaps I should use the SuSE firewall, but I can't get ANYTHING to work with that.
At first I had a hard time with SuSE firewals (tried yast and readmes), but after trying to configure directly in firwall.rc.config (it has excellent help at the beginning of the file), I have got two Linux servers maquerading very well. I would recommend using firewals, and check for the latest rpm on SuSE's site. -- Joe & Sesil Morris New Tribes Mission Email Address: Joe_Morris@ntm.org Web Address: http://home.beseen.com/churches/joe_morris
participants (2)
-
Joe Morris
-
Richard Smith