[nylug-talk] citibank behind ipchains masq
mokeefe at qualcomm.com
Mon Mar 18 11:58:20 PST 2002
Did you use tcpdump to find out what was going where and what was missing to
cause them to not access it ?
> The issue once again: A RH6.2 firewall can access citibank.com fine on
> console via a dialup ppp. The Win computers on the LAN it's serving with
> very basic ipchains masq rules cannot. Other sites/services work fine on
> the LAN.
> // George
> PS - upgrading a rh6.2 to a 2.4 kernel is not trivial.
> On Fri, Mar 15, 2002 at 04:34:43PM -0500, John Hughes wrote:
> >Its not like he can't upgrade the kernel....heck, I bet there is even a RH
> >upgrade for 6.2...hmmm...ok, just looked a bit....maybe no official 2.4
> >update for RH6.2......but still, its so easy to upgrade a kernel.
> >> Yeah, tcp_ecn is a 2.4 kernel-only thing, so it won't be the issue on a 6.2
> >> box. It frequently pops up as a problem in Squid proxies running on 2.4
> >> kernels.
Michael O'Keefe | mokeefe at qualcomm.com_
Live on and Ride a '96 Honda CBR1000F| roxus at home.com / |
I like less more or less less than |Work:+1 858 845 3514 / |
more. UNIX-live it,love it,fork() it |Fax :+1 858 651 1984 /_p_|
My views are MINE ALONE, blah, blah, |Home:+1 858 748 5432 \`O'|
blah, yackety yack - don't come back |Fax :+1 858 _/_\|_,
More information about the KPLUG-List