> From: "Ted Erickson" <tederickson7582@xxxxxxxxxxx>
> To: <netfilter@xxxxxxxxxxxxxxxxxxx>
> Sent: Thursday, February 05, 2004 11:54 PM
> Subject: Major NAT Problem
>
> > I am somewhat new to IPTables but not to linux. I have a major problem.
> > Some background first... I have a PPoA SDSL connection with Qwest
> > running at 640k/up/down. I have a static block of 8 addresses.....I
> > have a connection from the DSL modem to eth0 on my Redhat 9.0 box and I
> > have my local network plugged into eth1. The only thing running on the
> > linux box is IPTables, nothing else. I turned on
> > echo 1 > /proc/sys/net/ipv4/ip_forward
> > and enabled MASQ in several different ways..... no problem. I can surf
> > the internet just fine on my local network machine but I have ONE BIG
> > PROBLEM!!! I can't view a handful of websites. If I take the linux box
> > out of the picture and throw a cheap Linksys Router on the same DSL
> > connection I can see all the web sites I want. IPTables is blocking
> > something but I don't know what? I can't find any info on the web with
> > this problem. I need to fix this ASAP or I will have to go with
> > something else, but I want to stay with linux.
> >
> > theo

This could conceivably also be TCP ECN active on the linux box ... it has been known to cause problems with certain firewall configurations. Although TCP ECN is a wonderful concept, the standard has yet to completely catch on and can cause problems .. you might try

echo "0" > /proc/sys/net/ipv4/tcp_ecn

which will turn it off ...

(I rebuilt my second kernel with tcp_ecn on, since it sounded like such a wonderful idea ... had to turn it off when the other half couldn't get to two of her fav websites.)

Alistair