Thorsten Kranzkowski wrote: > On Sun, Jul 23, 2000 at 03:51:33PM +0200, Rogier Wolff wrote: > > > > It seems as if the masq table entry has an IP address entry. Shouldn't > > this be a reference to "the IP addr of that interface"? Thus when the > > interface goes down and comes back up, the new addr is used? > > According to the NAT HOWTO (see www.samba.org/netfilter) a _masqueraded_ > connection's table entry will be dropped when the interface goes down. > I assume you use an ISDN dialup (you mention the IP-up script). The No, I'm using regular PPP. Doesn't that have an IP-up script? Anyhow, I'm using "sleep 60;<do stuff> " instead of the IP-up script. Call me a fool. > problem is (I think) that the interface (ippp0) is _NOT_ going > down. Only the ISDN link is, but interface, routing (and NAT > entries) are kept 'up' so dynamic dialling can work. Of course old > NAT entries are useless with a new connection. Problem COULD be that these are UDP "connections", which officially aren't connections at all. > Probably a solution is to insert 'ifconfig ippp0 down; ifconfig ippp0 up' > along with a possible 'route -add ...' into your IP-down script. If they really should be dropped on the interface going down, then I've found a problem (i.e. docs do not conform with practise). > > (it is wrong to take the masq entry down with the interface: Then > > people with fixed-ip will see their masqed connections go down, over a > > power-cycle of their modem) > > People with fixed ip-address should use SNAT not MASQUERADE. SNATed entries > aren't dropped. OK. So when my PPP interface goes down, my masq entries aren't dropped! Roger. -- ** R.E.Wolff@BitWizard.nl ** http://www.BitWizard.nl/ ** +31-15-2137555 ** *-- BitWizard writes Linux device drivers for any device you may have! --* * Common sense is the collection of * ****** prejudices acquired by age eighteen. -- Albert Einstein ******** - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.rutgers.edu
