Greetings. I'm having some trouble with IP Masquerading under 2.0.30.
My setup is quite straightforward:
Internet-----eth0[arrakis (masq host)]eth1---[sandworm (192.168.1.2)]
Masqueraded Telnet connections (from sandworm to anywhere that isn't
arrakis) seem to time out after a time. (I thought masquerade entries were
supposed to stay active as long as a masq'd TCP/IP connection was open?)
If not, I've found a quick and dirty hack to (possibly) change this (not
being a kernel hacker, I wanted to make sure this was necessary, and if
there was a better way to do this?)
change ip_masq_set_expire (in net/ipv4/ip_masq.c):
void ip_masq_set_expire(struct ip_masq *ms, unsigned long tout)
{
if (tout) {
+ if (ms->dport == TELNET_PORT) {
+ tout += TELNET_DELAY;
+ }
ms->timer.expires = jiffies+tout;
add_timer(&ms->timer);
} else {
del_timer(&ms->timer);
}
}
(where TELNET_PORT is #defined to be 23 and TELNET_DELAY is the additional
jiffy delay)
TIA, and since I only get a chance to read about half of the digests,
please CC me on any replies.
-brian
--------------------------------------------------------------------------
brian h. trammell <brian@altara.org> http://www.altara.org/~brian
georgia tech civil engineering system administration
"The problem with the rat race is that the
winner is still a rat."
0xf00fc7c8