> I have a small LAN at home connected up to the net via a DSL modem on a gateway
> machine running lenny and iptables.
>
> I have a problem with some software running on a windows machine on the LAN
> where the company who wrote the sofware say that there must be something wrong
> with my internet connection, but can't help any further.
You can set a log-target in your firewall for these windows mashine, so
you can see what connection the mashine want to do.
I think on
iptables -A FORWARD -s <windows-IP> -o <DSL-device> \
-m state --state NEW -j LOG --log-prefix 'WIN-LOG: '
Than start the software and look into the logfiles on linux what
happens.
> I'd like to know what tests I can run to verify that my config and my firewall
> are OK, especially regarding PMTU.
>
> I had an issue before this which I solved by adding some ICMP related rules to
> iptables, and by disabling the firewall on my DSL modem, which is undocumented
> by the manufacturer (and denied by their Support). It's iptables running on an
> embedded linux and resets itself every power cycle. I think it does ICMP
> clamping but I can telnet onto the modem and drop the rules (as long as I
> remember).
>
> What can I do with ping? This ping command gives suspicious results:
>
> ping -s 1473 mktgw1.ibllc.com
>
> One byte less and it works. Fragmentation also works for normal websites like
> news.bbc.co.uk.
How work your DSL-Link? I think its work with PPPoE. In this case, the
MTU is 1472. The MTU for the PPPoE can you set in your ppp-options.
> I'd massively appreciate any help with this! I'm stuck with either my own
> mistake, or until I can prove I haven't made one.
>
> Thanks
> Adam
np Sascha
--
To UNSUBSCRIBE, email to debian-firewall-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: http://lists.debian.org/1287755415.4569.11.camel@localhost.localdomain
No comments:
Post a Comment