Latest LQ Deal: Latest LQ Deals
Go Back > Forums > Linux Forums > Linux - Networking
User Name
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.


  Search this Thread
Old 12-07-2001, 09:20 AM   #1
Registered: Dec 2001
Location: Chester, GBR
Distribution: Mostly Ubuntu
Posts: 48

Rep: Reputation: 15
Unhappy ipchains


I am using PPPD demand and ipchains MASQ to connect my home network to a dialup. Any suitable packet will bring the line up bu then will wait forever(ish) for the reply. If I HUP the process and start again, it's fine - masquerading and all !!!

I am starting the masquerading from init.d before enabling packet forwarding. Should I be using ipchains -P forward -j DENY at startup, then ipchains -A forward -i ppp0 -j MASQ in /etc/ppp/ip-up?

Any suggestions?
Old 12-11-2001, 10:42 AM   #2
Registered: Dec 2001
Distribution: RH5.2/6.2/7.0/7.1/7.2/9/ES21/ES31
Posts: 91

Rep: Reputation: 15
Two thoughts -- first, there's a chance some portion of your application is timing out before it gets a chance to receive data. Last time I heard, modems still aren't the fastest connection makers. But, assuming that's not happening...

If you're using masquerading, then it sounds like you're trying to share the modem connection w/ multiple clients behind your dialup server.

Before you try all that, try just using the dialup server by itself. You shouldn't need any ipchain rules for it

If you can't connect out correctly from the server, it's probably not going to work from the remote workstations either...

After you *clear*any firewall rules at the console (READ -- NO FIREWALL!):

ipchains -F
ipchains -P input ACCEPT
ipchains -P output ACCEPT
ipchains -P forward DENY

Try to connect to a known working public service (www/ftp) from your console and see what happens.

Old 12-13-2001, 01:58 AM   #3
Registered: Dec 2001
Location: Chester, GBR
Distribution: Mostly Ubuntu
Posts: 48

Original Poster
Rep: Reputation: 15
Everything works fine from the console, that's why I assumed it must be ipchains.

Anyhoo, the whole box is in need of attention; i plugged in the rest of my home machines - win9x etc and they all dropped out to BSOD!!! - methinks there's a few badly formed packets flying around. Would like to run everything on linux but GF too used to Mr. Gates' handywork.
Old 12-13-2001, 02:33 AM   #4
LQ Guru
Registered: Jun 2001
Location: South Alabama
Distribution: Fedora / RedHat / SuSE
Posts: 7,163

Rep: Reputation: 58
you need to setup the default gateway, dns, and ip address on the clients.

the rule for masq is ok
ipchains -P forward -j DENY
ipchains -A forward -i ppp0 -j MASQ

and you need this to run somewhere if it's not a 1 it will not work

echo 1 > /proc/sys/net/ipv4/ip_forward

Last edited by DavidPhillips; 12-13-2001 at 02:35 AM.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Ipchains brokenflea Linux - Networking 1 02-03-2004 05:44 AM
ipchains i.d. Linux - Security 5 08-21-2002 02:12 PM
ipchains help ... please> paulw Linux - Security 3 11-16-2001 10:15 AM
IpChains again ETT Linux - Security 3 07-24-2001 07:49 AM
[ipchains] MrGreg Linux - General 4 07-14-2001 11:35 PM > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 03:31 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration