Web browsing problems with ipchains

Web browsing problems with ipchains

Post by tsao » Sun, 19 Dec 1999 04:00:00



Hello,

Has anyone else experienced a problem visiting a few http  sites from a
computer with use a masquerade chain on a linux box? The other computer find
the sites ok they just wait there for a long time and time out. If I use the
linux box it's displays the site without any problem. Also if you connect
using the modem on one of my PC's and browser back to the site it works
fine. The sites I'm having problems with is:

www.palm.com
www.americafirst.com

In detail, I have a linux box using:

diald-0.16-1.i386
ipchains-1.3.8-3
ppp-2.3.7-2
and all Intel pro 100 NICs
Linux box running Red Hat 6.0
Connected with a D-link DSS-8 switch

Thanks

Tsao

 
 
 

Web browsing problems with ipchains

Post by Jeff » Sun, 19 Dec 1999 04:00:00


i had no problem with those web pages on any box behind the masq linux
box.
i am using ipchains 1.3.9 dont know if thats going to help or not.
also how are you loading ipchains?
my /etc/rc.d/rc.local  files contains this for my masq to work

/sbin/depmod -a
/sbin/modprobe ip_masq_ftp
/sbin/modprobe ip_masq_raudio
/sbin/modprobe ip_masq_irc
/sbin/modprobe ip_masq_quake

# this is for ipchains
#*Deny all
/sbin/ipchains -P forward DENY
# now lets let my subnet masq
/sbin/ipchains -A forward -s 192.168.0.0/24 -j MASQ

of course replace the ip with your networks ip# 's

hope that helps if not maybe there is a something with the cache for
the browser try clearing it.


>Hello,

>Has anyone else experienced a problem visiting a few http  sites from a
>computer with use a masquerade chain on a linux box? The other computer find
>the sites ok they just wait there for a long time and time out. If I use the
>linux box it's displays the site without any problem. Also if you connect
>using the modem on one of my PC's and browser back to the site it works
>fine. The sites I'm having problems with is:

>www.palm.com
>www.americafirst.com

>In detail, I have a linux box using:

>diald-0.16-1.i386
>ipchains-1.3.8-3
>ppp-2.3.7-2
>and all Intel pro 100 NICs
>Linux box running Red Hat 6.0
>Connected with a D-link DSS-8 switch

>Thanks

>Tsao



 
 
 

Web browsing problems with ipchains

Post by Bit Twist » Mon, 20 Dec 1999 04:00:00


I am running redhat 6.1 through ipchains and was able to
get the page on www.americafirst.com

I used
http://linux-firewall-tools.com/linux/firewall/index.html
to build my ipchains rules.


>Hello,

>Has anyone else experienced a problem visiting a few http  sites from a
>computer with use a masquerade chain on a linux box? The other computer find
>the sites ok they just wait there for a long time and time out. If I use the
>linux box it's displays the site without any problem. Also if you connect
>using the modem on one of my PC's and browser back to the site it works
>fine. The sites I'm having problems with is:

>www.palm.com
>www.americafirst.com

>In detail, I have a linux box using:

>diald-0.16-1.i386
>ipchains-1.3.8-3
>ppp-2.3.7-2
>and all Intel pro 100 NICs
>Linux box running Red Hat 6.0
>Connected with a D-link DSS-8 switch

>Thanks

>Tsao


 
 
 

Web browsing problems with ipchains

Post by dav » Mon, 20 Dec 1999 04:00:00



says...

>Hello,

>Has anyone else experienced a problem visiting a few http  sites from a
>computer with use a masquerade chain on a linux box? The other computer find
>the sites ok they just wait there for a long time and time out. If I use the
>linux box it's displays the site without any problem. Also if you connect
>using the modem on one of my PC's and browser back to the site it works
>fine. The sites I'm having problems with is:

>www.palm.com
>www.americafirst.com

>In detail, I have a linux box using:

>diald-0.16-1.i386
>ipchains-1.3.8-3
>ppp-2.3.7-2
>and all Intel pro 100 NICs
>Linux box running Red Hat 6.0
>Connected with a D-link DSS-8 switch

>Thanks

>Tsao


Hi,

You just need to set your MTU to 1500.  It is some sort of issue
with the defragmenting of masqueraded ip packets and the 1500 ethernet
frame size.

(Or we can just say an MTU of 1500 has always fixed my masq website
problems and I can browse the websites you refer to with my masq box). ;)

Dave

 
 
 

1. Web browsing problems on LAN through RH7.2 ipchains firewall

Hi,

I am having a few problems with a Red Hat 7.2 firewall running ipchains.

The setup is ISP -> ADSL Router -> Firewall -> Hub (rest of LAN).

The workstations on the LAN are configured to query DNS servers of the ISP,
and the firewall as the default gateway.

The problem is Internet browsing.  Unfortunately I am not on site at the
moment so I can't see the problems for myself, but the users are
complaining of slow connections to some web sites, and even timeouts.  I am
not sure how reproducible the problems are, but I would like to know if
there is anything obviosly wrong with the above setup.

Would things be improved by running squid and/or a caching DNS server on
the firewall?  How can I analyse where the holdup is?  For all
I know, it could be network congestion on their LAN, how can I measure this?

Any help would be very much appreciated, I have just about run out of
ideas...

Tony

2. w32 server and sony cpd-1730 ????

3. KDE offline web-browsing problem

4. problem with mSQL?

5. Access Point using Hostap - Problems calling wicontrol scripts, web browsing with clients

6. (3rd Post..) LILO Boot floppy/ Accessing DOS files...

7. Problems Browsing Web Pages

8. unable to format floppy

9. Apache Httpd Web Browsing Problems

10. Linux PPP and Web browsing problem

11. Problem Browsing Web Pages

12. Sun Blade 100 ringing sound when web browsing...

13. Browsing Web Pages