There is a bug in recent 2.1 kernels which shows incorrect packets to the
snooping code.
Incoming packets on the PPP device are un-masqueraded before being passed to
diald for parsing.
This means that diald sees two connections for every one that you have open -
it sees one from the masquerading host, and one from the internal machine.
As diald only ever sees a FIN packet go past on one of the two links that it
sees, it doesn't ever think the other one has died, and that's why the link
stays up.
For example, here's an ICMP echo as tcpdump sees it on our PPP link:
14:47:47.848815 158.152.16.50 > 158.152.1.222: icmp: echo request
14:47:47.888815 158.152.1.222 > 10.0.1.4: icmp: echo reply
^^^^^^^^
This is wrong. Our ISP definitely did not
send us a packet with the IP dest. address
10.0.1.4.
After the message quoted below, I thought that the networking changes in
2.1.120 would fix this, but they haven't:
kuznet@ms2.inr.ac.ru said:
> dwmw2 wrote:
> > However, if I run this on my IP Masquerading dial-up box, the outgoing
> > packets show up OK, but the incoming packets are already rewritten to the
> > masqueraded (internal) address before I see them.
>
> Yes, it is one of well-known bugs common to all kernels. Seems, I
> collected all the garbage of this kind, (at least, which I was aware
> of) and hope the patchset finally will percolate to released kernel.
Alexey - are there more changes to come?
---- ---- ----
David Woodhouse David.Woodhouse@mvhi.com Office: (+44) 1223 810302
Project Leader, Process Information Systems Mobile: (+44) 976 658355
Axiom (Cambridge) Ltd., Swaffham Bulbeck, Cambridge, CB5 0NA, UK.
finger dwmw2@ferret.lmh.ox.ac.uk for PGP key.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/faq.html