From: joeask
Date: Sat, 06 Nov 2004 02:34:35 +0000
Subject: [LARTC] ppp nat mappings
Message-Id: <418C383B.9000307@gmx.de>
To: lartc@vger.kernel.org

Hi all,

I hope I'm not totally wrong on this list.

I set up a NAT router with the help of adsl-setup and shorewall. I've got a ppp link to the net and shorewall created the iptables rules. After a reconnect of the ppp link I get a new IP address, but as long as the existing kernel UDP mappings, which were created by outgoing UDP traffic, don't time out, the UDP packets the router sends out that belong to this mapping still contain the previous public IP address.

I can see this in /proc/net/ip_conntrack and ethereal:

udp 17 178 src=192.168.0.160 dst=217.10.79.9 sport=5060 dport=5060 src=217.10.79.9 dst=80.135.x.y sport=5060 dport=5060 [ASSURED] use=1

But 80.135.x.y was my IP address some hours ago. If I stop sending UDP packets for about 5 minutes, the mapping is gone and replaced by a mapping containing the correct public IP address.

ethereal shows that the source address of the outgoing UDP packets is the old address, so I'm spoofing my IP address.

The kernel should notice that the IP address belonging to the mapping changed and remove the mapping, shouldn't it?

Any suggestions on how to solve this problem?

Thanks,
joe
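
The stale mapping described in the message can be detected mechanically. The script below is an added example, not part of the original post: it reads lines in the /proc/net/ip_conntrack format quoted above and lists source-NATed flows whose reply-direction dst differs from the current public address. The function names stale_mappings and sample_conntrack and all sample addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post).
# stale_mappings CURRENT_IP: reads conntrack lines on stdin and prints
#   proto orig_src:sport -> orig_dst:dport nat=<old address> ttl=<seconds>
# for every source-NATed flow still bound to an address other than CURRENT_IP.
stale_mappings() {
    awk -v cur="$1" '
    {
        n = 0                              # tuples seen on this line
        sp[1] = dp[1] = ""                 # ports are absent for e.g. ICMP
        for (i = 1; i <= NF; i++) {
            split($i, kv, "=")
            if (kv[1] == "src")        { n++; src[n] = kv[2] }
            else if (kv[1] == "dst")   dst[n] = kv[2]
            else if (kv[1] == "sport") sp[n]  = kv[2]
            else if (kv[1] == "dport") dp[n]  = kv[2]
        }
        # Tuple 1 is the original direction, tuple 2 the expected reply.
        # Without NAT the reply dst equals the original src; with source
        # NAT it is the public address the flow was mapped to.
        if (n == 2 && dst[2] != src[1] && dst[2] != cur)
            printf "%s %s:%s -> %s:%s nat=%s ttl=%s\n",
                   $1, src[1], sp[1], dst[1], dp[1], dst[2], $3
    }'
}

# Constructed sample input (documentation address ranges, not real hosts):
# line 1 is mapped to an old public address, line 2 to the current one,
# line 3 is LAN traffic to the router itself and is not NATed.
sample_conntrack() {
    cat <<'EOF'
udp 17 178 src=192.168.0.160 dst=198.51.100.9 sport=5060 dport=5060 src=198.51.100.9 dst=203.0.113.7 sport=5060 dport=5060 [ASSURED] use=1
tcp 6 431999 ESTABLISHED src=192.168.0.161 dst=198.51.100.80 sport=40000 dport=443 src=198.51.100.80 dst=203.0.113.20 sport=443 dport=40000 [ASSURED] use=1
udp 17 25 src=192.168.0.160 dst=192.168.0.1 sport=33000 dport=53 src=192.168.0.1 dst=192.168.0.160 sport=53 dport=33000 use=1
EOF
}

# Demo: 203.0.113.20 stands in for the address obtained after the reconnect.
sample_conntrack | stale_mappings 203.0.113.20
```

On a router the input would be /proc/net/ip_conntrack itself and the argument the address currently assigned to the ppp interface.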