IP MASQUERADING broken again from v1.3.81 onwards

Madhusudana Rao R (madhur@sasi.ernet.in)
Fri, 5 Apr 1996 14:43:25 +0500 (IST)


I have a working v1.3.80 which does IP Masquerading very neatly. As I am
just experimenting, I simply do

ipfwadm -F -p masquerade

that is, the default Forwarding Firewall behaviour is to masquerade. The
ipfwadm package is ipfwadm-2.0beta2.

But all the kernel versions 1.3.8[1-4] seem to have broken the
masquerading code. I can open certain connections like telnet, http etc,
but while ftp the data connections do not seem to be getting established.
I can watch the connections with

ipfwadm -M -l -n

which lists the ports and I have never seen port 20 anytime in these
kernel versions.

Has this something got to do with the recent reorganization of the
masquerading code ? It looks so, because if I disable masquerading, IP
forwarding as such is working cleanly.

I am trying to figure out what is going wrong. If any one out there can
find further clues ...