Mailing List Archive

iptables and applications.
Hi.
The machine is a PIII 800 MHz, 2 NICs, 256 MB RAM, Red Hat 7.1.
I have iptables v1.2.1a and kernel 2.4.2-2.
I have one pool of 228 real IPs, and do SNAT with iptables for 300
clients.
The iptables rules are:
echo "1" >/proc/sys/net/ipv4/ip_forward
/sbin/iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -o eth1 -j SNAT --to w.x.y.26-w.x.y.254

The modules loaded are:
Module Size Used by
iptable_mangle 2272 0 (autoclean) (unused)
iptable_filter 2304 0 (autoclean) (unused)
ip_conntrack_irc 3040 0 (unused)
ip_conntrack_ftp 2480 0 (unused)
ip_nat_irc 4320 0 (unused)
ip_nat_ftp 3760 0 (unused)
iptable_nat 16160 2 [ip_nat_irc ip_nat_ftp]
ip_conntrack 15824 3 [ip_conntrack_irc ip_conntrack_ftp ip_nat_irc ip_nat_ftp iptable_nat]
ip_tables 11072 6 [iptable_mangle iptable_filter
autofs 11264 1 (autoclean)
3c59x 25344 2 (autoclean)

The problems are:
www.latinchat.com: the Java chat application does not load; the page
shows "status: server connection".

www.todito.com: in the mail option, compose new mail, the page reports a
connection error.

I have "cybercafe" clients (computer rental with Internet access) who use
www.latinchat.com for chatting, and it does not work correctly.


I updated the kernel to 2.4.7 and iptables to 1.2.2, built as kernel
modules, and the problems are different.

I updated the kernel to 2.4.7 and iptables to 1.2.2, built as part of the
kernel, and the problems are the same.



Kernel 2.4.2-2 and iptables 1.2.1a
The only solution for the moment is:
***********
Destinations 200.23.36.91 and 200.23.36.92 are the servers for www.todito.com
***********
/sbin/iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -d 200.23.36.91/32 -o eth1 -j MASQUERADE
/sbin/iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -d 200.23.36.92/32 -o eth1 -j MASQUERADE
*************
Destination networks 216.167.0.0/16 and 209.67.42.0/24 are the servers for
www.latinchat.com
*************
/sbin/iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -d 216.167.0.0/16 -o eth1 -j MASQUERADE
/sbin/iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -d 209.67.42.0/24 -o eth1 -j MASQUERADE
***********************
For the normal services SNAT works correctly
***********************
/sbin/iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -o eth1 -j SNAT --to w.x.y.26-w.x.y.254

And everything works correctly with MASQUERADE for www.todito.com and
www.latinchat.com



But what is the problem here?
Why does ICQ work correctly with iptables 1.2.1a, and not work correctly
with iptables 1.2.2? (Chat sessions, file transfers in the same
LAN, and the ICQ connection fails sometimes.)


Thanks for helping me!

--
Johnny Gonzalez Dominguez
Ingenieria de Software
Telecable Morelos
Cuernavaca, Morelos
Tel. (52)(7)3292497
johnny@cableonline.com.mx
johnny_40000@yahoo.com
ICQ #75046976

