hi there, I don't use ssh, BUT, I was getting timeout problems when I
masqed an Oracle database, Oracle uses port 1521, and similar to you we
were losing connections when we went through the ipchains firewall, the
solution was to set the timeout - I have included the ipchains rules
here just for completeness, you will put your ports and IPs in of
course - hope this helps
darrell
[EMAIL PROTECTED]
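#!/bin/sh
echo DMZ
# Load the firewall-mark based masquerade forwarding module (2.2 kernels).
modprobe ip_masq_mfw
# Mark incoming TCP SYN packets (-y) for port 1521 with firewall mark 1521.
ipchains -I input -p tcp -y -d 161.184.137.127/32 1521 -m 1521
ipchains -I input -p tcp -y -d 192.168.1.1/32 1521 -m 1521
# Forward connections carrying mark 1521 to 192.168.222.222 port 1521.
ipmasqadm mfw -A -m 1521 -r 192.168.222.222 1521
#Set timeouts to 2 hours, instead of default 15 minutes.
# Arguments are the TCP, TCP-after-FIN and UDP masquerade timeouts in seconds.
/sbin/ipfwadm -M -s 7200 10 60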
[EMAIL PROTECTED] wrote:
I have a firewall with two network cards running Sid with kernel 2.2.17. I
have the following rule:
/usr/sbin/ipmasqadm portfw -a -P tcp -L $IP_REAL 22 -R $MAGNETO 22
And it works fine. IP_REAL is the dhcp granted IP from my ISP, MAGNETO is
the ssh server behind the firewall, and MYSTIQUE is the internal IP of the
firewall. When I try the following rule:
/usr/sbin/ipmasqadm portfw -a -P tcp -L $MYSTIQUE 22 -R $MAGNETO 22
I get timeout errors from ssh. With no rule, when trying to ssh to IP_REAL
from inside the firewall, I get timeout errors.
I'm trying to have an ssh request to kwiqsilver.org forward to magneto both
externally (which works) and internally, so I can access the CVS server with
my notebook inside or outside.
Is there a way to get this to work better? Would I be better off upgrading
to 2.4 to use the newer firewalling system?
Thanks,
Jason