* [LARTC] Delay when changing DNAT rules
@ 2006-03-19 15:13 Andrew Beverley
2006-03-19 15:29 ` Alexandru Dragoi
0 siblings, 1 reply; 2+ messages in thread
From: Andrew Beverley @ 2006-03-19 15:13 UTC (permalink / raw)
To: lartc
Whenever I add or remove a DNAT rule such as:
iptables -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 192.168.0.1
there is sometimes a delay before the correct nat'ing is done. Can anyone tell
me why this is? Is it something to do with caching of routing tables? If so, is
there a way to clear them to ensure that the rule takes effect immediately?
I am building a simple captive portal solution for my network. By default people
are directed to the local web server as per the rule above, and once logged in
they are allowed access to the web. When logging in the user is directed to
their choice of webpage, but this is often not displayed and instead the
connection is routed once again to the local web server as above. Even deleting
the DNAT rule altogether seems to sometimes take a while to update.
Andy
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [LARTC] Delay when changing DNAT rules
2006-03-19 15:13 [LARTC] Delay when changing DNAT rules Andrew Beverley
@ 2006-03-19 15:29 ` Alexandru Dragoi
0 siblings, 0 replies; 2+ messages in thread
From: Alexandru Dragoi @ 2006-03-19 15:29 UTC (permalink / raw)
To: lartc
Andrew Beverley wrote:
>Whenever I add or remove a DNAT rule such as:
>
>iptables -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 192.168.0.1
>
>there is sometimes a delay before the correct nat'ing is done. Can anyone tell
>me why this is? Is it something to do with caching of routing tables? If so, is
>there a way to clear them to ensure that the rule takes effect immediately?
>
>I am building a simple captive portal solution for my network. By default people
>are directed to the local web server as per the rule above, and once logged in
>they are allowed access to the web. When logging in the user is directed to
>their choice of webpage, but this is often not displayed and instead the
>connection is routed once again to the local web server as above. Even deleting
>the DNAT rule altogether seems to sometimes take a while to update.
>
>Andy
>_______________________________________________
>LARTC mailing list
>LARTC@mailman.ds9a.nl
>http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
>
>
You can try to disable KeepAlive from your apache server.
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2006-03-19 15:29 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-03-19 15:13 [LARTC] Delay when changing DNAT rules Andrew Beverley
2006-03-19 15:29 ` Alexandru Dragoi
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.