From: "Taylor, Grant" <gtaylor@riverviewtech.net>
To: netfilter@lists.netfilter.org
Subject: Re: Help: iptables NAT broken with pppoe
Date: Sat, 07 May 2005 01:12:17 -0500 [thread overview]
Message-ID: <427C5C41.3010407@riverviewtech.net> (raw)
In-Reply-To: <1115397393l.3864l.0l@antares.localdomain>
> [root@antares root]# tcpdump -nn -i ppp0 tcp port 80 2> tcpdump.ppp0
> 18:16:21.012206 IP 84.44.131.113.49223 > 213.95.27.115.80: S 2685214081:2685214081(0) win 65535 <mss 1452,nop,wscale 0,nop,nop,timestamp 2148180757 0>
> 18:16:21.085651 IP 213.95.27.115.80 > 84.44.131.113.49223: S 2677460604:2677460604(0) ack 2685214082 win 5792 <mss 1460,nop,nop,timestamp 1472713132 2148180757,nop,wscale 2>
> 18:16:21.085748 IP 84.44.131.113.49223 > 213.95.27.115.80: R 2685214082:2685214082(0) win 0
> 18:16:23.779332 IP 84.44.131.113.49223 > 213.95.27.115.80: S 2685214081:2685214081(0) win 65535 <mss 1452,nop,wscale 0,nop,nop,timestamp 2148180762 0>
> 18:16:23.841268 IP 213.95.27.115.80 > 84.44.131.113.49223: S 2680216981:2680216981(0) ack 2685214082 win 5792 <mss 1460,nop,nop,timestamp 1472715888 2148180762,nop,wscale 2>
> 18:16:23.841326 IP 84.44.131.113.49223 > 213.95.27.115.80: R 2685214082:2685214082(0) win 0
I'm not sure why it's happening but your PMac G4 system is sending reset packets in response to the responses from the server. Have you tried using an SNAT rule temporarily on your POSTROUTING chain to see if the problem is with the MASQUERADE rule? Also, what is your "echo 2 > /proc/sys/net/ipv4/ip_dynaddr" doing for you? You might want to check to make sure that reverse path filtering is not turned on by default. You might also want to turn on verbose routing messages to see if there is any thing useful being reported.
Grant. . . .
next prev parent reply other threads:[~2005-05-07 6:12 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-05-06 16:36 Help: iptables NAT broken with pppoe Albrecht Dreß
2005-05-07 6:12 ` Taylor, Grant [this message]
2005-05-07 20:00 ` Albrecht Dreß
2005-05-09 5:56 ` Taylor, Grant
2005-05-09 14:08 ` Jason Opperisano
2005-05-09 18:37 ` Albrecht Dreß
2005-05-09 18:43 ` Taylor, Grant
2005-05-10 10:31 ` Andy Furniss
2005-05-10 10:36 ` Andy Furniss
2005-05-10 11:02 ` Albrecht =?unknown-8bit?q?Dre=DF?=
2005-05-10 13:19 ` Andy Furniss
2005-05-11 17:00 ` Albrecht Dreß
2005-05-11 18:39 ` Taylor, Grant
2005-05-10 3:00 ` R. DuFresne
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=427C5C41.3010407@riverviewtech.net \
--to=gtaylor@riverviewtech.net \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.