What does ipchains -L show? I am not on a Linux box but I think that is
the command to print out the current rules. Probably in /proc somewhere
too. I have been disappontied in the amount of informatin acutally
output with the -L command but I don't remember why off hand. The ppp
connection has not been bounced and given a new ip address has it? That
might casue the symptoms you describe depending on how your rules are
set.
Seems like there is a command mentioned in the ipchains man page that
will output to a file a list of commands that will recreate the current
setup. This might be more informative than the ipchains -L. I was
going to do this for trouble shooting a box but found the probelm before
I got that far.
Bret
Greg Wright wrote:
>
> Make sure it is not the PPP session thats dead, or your ISPs routing, man
> ipchains .... and flush em, you could set it up in the script as well
> to do this, and once a day run the script from cron if in fact it is chains
>
> *********** REPLY SEPARATOR ***********
>
> On 18/03/00 at 19:12 Chris Dowling wrote:
>
> >Hi hatters
> >
> >I have a box here running rh6.1 here.
> >
> >I have a problem with my ipchains configuration on my ppp interface.
> >
> >I set it up, all fine and dandy. everything works fine.
> >blocks all incoming traffic except what I want to let through (ie: ssh)
> >and the network on the inside can talk out to the real world fine, etc...
> >
> >BUT: after some large period of time (we're talking a few days here),
> >ipchains decides to treat all packets as though they don't match any of
> >the rules in my chains. This is only on my pp interface though.
> >
> >This effectively renders my machine inaccessable from the real world as
> >though I have done a "ipchains -i ppp -j REJECT". The internal network
> >also cannot talk to the real world. it's as thought the pp link just dies!
> >
> >I thought that maybe zeroing the counters might fix it, but to no avail. I
> >also though maybe a magic "echo 1 > /proc/somefile" but I don't know
> >which file to do it on.
> >
> >has anybody got any suggestions? This is kinda frustrating, as I use alot
> >from work.
> >
> >Looking forward to ANY suggestion!
> >
> >Chris.
> >
>
> Regards
>
> Greg Wright
> IT Consultant Sydney Australia
>
> --
>
> *** Please trim any replies ***
> *** Please turn off HTML in your email ***
> *** Please don't use the list for test messages ***
> *** Why not read the archives? http://moongroup.com/redhat.phtml ***
>
> --
> To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
> as the Subject.
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
