On Fri, Apr 07, 2006 at 08:27:53AM +1000, Alexander Samad wrote:
> On Fri, Apr 07, 2006 at 08:04:18AM +1000, Alexander Samad wrote:
> > Hi
> >
> > I have just moved my firewall from a 2.6 Debian machine to a 2.4.30
> > OpenWrt (Linksys WRT54GS) box.
> >
> > I originally had this working with 2 ISPs, 1 cable 1 ADSL and dyndns.
> >
> > Now that I have moved to 2.4.30 I am having problems. Everything else
> > is working fine except when I DNAT packets from the firewall to an
> > internal address, i.e. my web browser is inside so I DNAT from the
> > external IP to the internal web server.
> >
> > Now I am getting timeouts. Upon investigation, what is happening is that
> > packets are coming in, getting DNAT'ed, the web server is returning
> > them, they get un-DNAT'ed, but a new call to the routing table is made and
> > it seems to bypass the ip rules I have. All traffic that
> > terminates on the external IP is okay and doesn't suffer from the
> > problem.
> >
> > I remember reading about patches for the iproute and the kernel but I
> > haven't kept up to date with those since I started using 2.6.
> >
> > Am I missing a patch ??
> >
> > Thanks
>
> Had another look through the archives, via Google, and found a thread
> about 2.4.29 and the fact that the default routes shouldn't be in the
> main table.
>
> I have removed the default routes and placed them in the default table
> and things seem to be okay now.
>
> Is this a known problem ????

Oops, bumbling fingers typed the wrong addresses in tcpdump; it makes no
difference. It is like ip ru is not being used after un-NATting is happening.
_______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc