From: Julian Anastasov <ja@ssi.bg>
To: lartc@vger.kernel.org
Subject: Re: [LARTC] Solved: Using more than 1 Internet Line
Date: Mon, 03 Dec 2001 21:43:36 +0000 [thread overview]
Message-ID: <marc-lartc-100741581613787@msgid-missing> (raw)
In-Reply-To: <marc-lartc-100742079800981@msgid-missing>
Hello,
On Mon, 3 Dec 2001, Whit Blauvelt wrote:
> Thanks Christoph (and Julian!), by happy coincidence this is exactly what
> I'm looking for today.
>
> In nano.txt you say the firewall, for iptables, must be stateful. Of course,
> ipchains doesn't do stateful. I'm looking at using Julian's patches with a
Assume that this is recommendation (should).
> 2.2.20 kernel and ipchains and masquerading. Does anyone know offhand
> whether I should:
>
> 1. Expect this to work?
If the settings are correct and I didn't broke something
when building all pieces together. The end goal of the patches
both for 2.2 and 2.4 should be same. The implementations differ,
Netfilter is more suitable for such changes while 2.2 has some
weirdness supporting these extensions. The same weirdness you can
see in the changes for the ipchains compat code in 2.4.
> 2. Expect this to get weird?
>
> If 2:
>
> - What weirdness should I look out for?
Make some tests before going to production :) It needs
some understanding. That is why the document Christoph wrote is
so useful.
> - What, in theory, is the statefulness accomplishing in this context?
If I understand your question correctly, this is not a goal.
It is a conntracking specific thing which is not touched from these
patches. These patches change the routing and the way it is used from
NAT after adding or extending some nice features.
> Whit
Regards
--
Julian Anastasov <ja@ssi.bg>
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/
next prev parent reply other threads:[~2001-12-03 21:43 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-12-02 19:24 [LARTC] Solved: Using more than 1 Internet Line Christoph Simon
2001-12-02 19:41 ` Christoph Simon
2001-12-03 20:22 ` Whit Blauvelt
2001-12-03 20:45 ` Christoph Simon
2001-12-03 21:43 ` Julian Anastasov [this message]
2001-12-03 22:04 ` Arthur van Leeuwen
2001-12-03 22:19 ` Christoph Simon
2001-12-03 22:33 ` Whit Blauvelt
2001-12-03 22:44 ` Julian Anastasov
2001-12-04 8:52 ` Arthur van Leeuwen
2001-12-04 10:57 ` Julian Anastasov
2001-12-04 11:05 ` Christoph Simon
2001-12-04 16:13 ` Don Cohen
2001-12-04 16:20 ` Arthur van Leeuwen
2001-12-04 16:56 ` Don Cohen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=marc-lartc-100741581613787@msgid-missing \
--to=ja@ssi.bg \
--cc=lartc@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox