Regarding Linux (RedHat v7.2/2.4.7-10 Kernel) and Echolink!

Regarding Linux (RedHat v7.2/2.4.7-10 Kernel) and Echolink!

[Bill Walton]

Hello Everyone - Happy New Year!

It is a beautiful day here in Southern California.  The sun is shining, 
not a cloud in the
sky, with a temp of 16 deg C.  I am still beating myself senseless 
trying to get my
RHv7.2 server set up so that Echolink will work on one of my LAN Windoze98
machines.  I have tried endless combinations of "ipchains" rules along 
with "ipmasqadm"
rules without any success at all.  If I do a "ipchains -L -v -n" the 
output says that
the "tcp" 5200 routing is correct, and that the udp 5198:5199 routing is 
correct, but it
does'nt work.  ACCEPT rules, FORWARDING rules, IPMASQADM rules,
IPCHAINS rules, none of them work.  Of course my demise is most likely 
due to the
fact that I don't know what I am doing.  I only have (3) years 
experience with Linux
and IPCHAINS, IPMASQADM and so on are not my strong points.

Using IPTABLES, I have the commands that will cure my ills, however I know
absolutely NOTHING about IPTABLES ... so I need to draw on your vast 
knowledge
base.  The "iptables" commands necessary to make Echolink work are:

Iptables -t nat -A PREROUTING -d (exit IP) -p udp --dport 5198 -i eth0 
-j DNAT
--to-destination (IP of machine where echolink resides)

The above command is repeated of course for udp port 5199.  IPtables has 
been
compiled into my kernel but when I try to enter the above "iptables" 
command I
get the following:

/lib/modules/2.4.7-10/kernel/net/ipv4/netfilter/ip_tables.o: 
init_module: device or
resource busy.

I reset all the ipchains rules "ipchains -F" and turned ip_forwarding 
off but still get
the same error.  Also the same error if I try to load the NAT module:

"modprobe iptable_nat"

Does anyone have and suggestions that would help me resolve the errors and
help me get everything set up properly?

Your help is always appreciated!

Regards,

Bill KJ6EO

Re: Regarding Linux (RedHat v7.2/2.4.7-10 Kernel) and Echolink!

[Kelly Black]

On Wed, 2003-01-01 at 16:17, Bill Walton wrote:
> Hello Everyone - Happy New Year!
SNIP---
> base.  The "iptables" commands necessary to make Echolink work are:
> 
> Iptables -t nat -A PREROUTING -d (exit IP) -p udp --dport 5198 -i eth0 
> -j DNAT
> --to-destination (IP of machine where echolink resides)
> 
> The above command is repeated of course for udp port 5199.  IPtables has 
> been
> compiled into my kernel but when I try to enter the above "iptables" 
> command I
> get the following:
> 
> /lib/modules/2.4.7-10/kernel/net/ipv4/netfilter/ip_tables.o: 
> init_module: device or
> resource busy.
> 

Bill, I did a google search for the error and found this suggestion that
the user that had the problem said worked for him.

------------------

service ipchains stop
chkconfig --level 345 ipchains off
rmmod ipchains

insmod ip_tables
chkconfig --level 345 iptables on

------------------

Looks like ipchains is fighting with iptables and can't be loaded at the
same time?  You probably have to remove the old to add ipchains service
to add the iptables service.

As to the PREROUTING rules.  The rules look ok for boxes connecting to
the echolink box from the outside, but you have to add a rule for the
internal boxes trying to get to the echolink box so your source and
desitination IP addresses are not the same after they are Masqueraded. 
You can make sure the internal boxes know about the echolink box by
adding a resolvable name to your hosts file on your 98 boxes that tells
the internal interface to talk to the echolink box with (so you don't do
a resolve to the external routeable IP and end up with the situation
that the source IP = destination IP after Masq operation).

Hope this makes sense, and or helps you.

Kelly
KB0GBJ