Problems denying incoming packets

Hello,

        I'm a computer science student and I work with Linux-based
servers at Gruponet Tecnologia (www.gruponet.com.br,
www.gntecnologia.com).

        Well, I'm using ipchains to set up my firewall and I have the
following situation:

        In my rc.firewall I'm setting some accept rules for machines
that I give access to the server with this syntax:

ipchains -A input -i eth0 -s 192.168.0.xxx/32 -j ACCEPT
ipchains -A input -i eth0 -s 192.168.0.yyy/32 -j ACCEPT

        And afterwards, I deny all other machines access to the server
with this rule:

ipchains -A input -i eth0 -s 0.0.0.0/0 -d 0.0.0.0/0 -j DENY

        Well, this works fine, but on one server, for example, when a
user (in my intranet [via NAT]) tries to send an e-mail using an external
SMTP server, he loses the connection with the SMTP server and I note the
following:

        When the Deny rule is set, the ipchains log shows me more or
less this:
... Packet Log........ L=1500 ...
... Packet Log........ L=1500 ...
... Packet Log........ L=1500 ...
... Packet Log........ L=1500 ...
... Packet Log........ L=1500 ...

        When it's not set, the log shows:

... Packet Log........ L=1500 ...
... Packet Log........ L=578 ...
... Packet Log........ L=1500 ...
... Packet Log........ L=578 ...
... Packet Log........ L=1500 ...
... Packet Log........ L=578 ...
... Packet Log........ L=1500 ...
... Packet Log........ L=578 ...

        Is it a problem with packet fragmentation?

        What can I do to correct it?

Thanks a LOT!

PS: Sorry for my bad English.
-- 
------------------------------------
Sergio Alves de Lima Jr.
sergio@gruponet.com.br
Analista de Suporte
Departamento de Suporte
http://www.gruponet.com.br/suporte
GrupoNet Tecnologia
------------------------------------
