newbee. too stoopid to get this to work. :-)

newbee. too stoopid to get this to work. :-)

Post by Dr.X » Wed, 25 Jun 2003 12:41:32



Hi all.
i hope some one can help me on this? I installed a NetBSD box to use
as a firewall and nat for my windowz machines. the setup i used was
the NetBSD Firewall Project at http://www.dubbele.com/ wich allows for
a minimum downlaod and easy setup. I have done it before at the office
and it works great. but this time i have a problem. i am unable to
browes some sites from the client machines. and i am unable to ping
those sites. when i bypass the NetBSD box, i can ping and browse just
fine. it's only some sites, and it's always the same sites. the ping
respons i get is either a time out, or unreachable (as reported by the
NetBSD gateway). is there something i forgot to do? i found some
reports of this in the windows world having to do with the MTU size
being wrong or missmatched or somthing like that, but no matter what
setting i use in the windows registry, it does not correct the
problem. is there a MTU size setting in netbsd some where?

setup=
2 win2k clients-each w/3com nics (can't rmber model of nics)
1 netbsd firwall/nat w/2 3com nics-one gets static ip from cable
company, the other is assigned 192.168.1.250

is there anything crazy i have to put into the ip.conf file or the
ipnat.conf or maybe the whozy-whatsy.conf? :-)

thanks for the help.
Dr.X

PS: NetBSD ROCKS!

 
 
 

newbee. too stoopid to get this to work. :-)

Post by Karsten Krus » Thu, 26 Jun 2003 21:47:26



> and it works great. but this time i have a problem. i am unable to
> browes some sites from the client machines. and i am unable to ping
> those sites. when i bypass the NetBSD box, i can ping and browse just
> fine. it's only some sites, and it's always the same sites. the ping

Try this:

# /etc/ipnat.conf
# NAT
map pppoe0 192.168.1.0/24 -> 0/32 proxy port ftp ftp/tcp mssclamp 1412
map pppoe0 192.168.1.0/24 -> 0/32 portmap tcp/udp auto mssclamp 1412
map pppoe0 192.168.1.0/24 -> 0/32 mssclamp 1412

And:

# /etc/sysctl.conf
# Obey interface MTUs when calculating MSS
net.inet.tcp.mss_ifmtu=1

That works fine with 1.6.1 and the German Telekom's DSL. I had the same
problem and this is my solution.

Good luck

Karsten

--
        Homepage, Mac68k, A/UX-Links und Shorties: www.tecneeq.de
  ()    Linux/NetBSD-Anleitungen, Forum  und Chat: www.newbie-net.de
 <\/>
 _/\_   When you are in it up to your ears, keep your mouth shut.

 
 
 

newbee. too stoopid to get this to work. :-)

Post by Dr.X » Fri, 27 Jun 2003 02:01:47



...>

Quote:> Try this:

> # /etc/ipnat.conf
> # NAT
> map pppoe0 192.168.1.0/24 -> 0/32 proxy port ftp ftp/tcp mssclamp
1412
> map pppoe0 192.168.1.0/24 -> 0/32 portmap tcp/udp auto mssclamp 1412
> map pppoe0 192.168.1.0/24 -> 0/32 mssclamp 1412

> And:

> # /etc/sysctl.conf
> # Obey interface MTUs when calculating MSS
> net.inet.tcp.mss_ifmtu=1

> That works fine with 1.6.1 and the German Telekom's DSL. I had the
same
> problem and this is my solution.

> Good luck

> Karsten

> --
>         Homepage, Mac68k, A/UX-Links und Shorties: www.tecneeq.de
>   ()    Linux/NetBSD-Anleitungen, Forum  und Chat: www.newbie-net.de
>  <\/>
>  _/\_   When you are in it up to your ears, keep your mouth shut.

Thank you Karsten. Unfortunately, i did not have a chance to see and
try your solution before i changed the network card. i'm not sure if
the card was defective, or if my setup was faulty, but it now works
perfectly as NetBSD usually does. I appreciate the help. I have saved
your message for the next firewall i make in case i have the same
problem. i'm also keeping the nic to try on the next one too so i can
see if that was the cause of the problem.

Again, thank you very much.

Dr.X

 
 
 

1. newbee call for help getting lvm working

Hi ,
i was trying to get the patch from Anders Gustafsson working in 2.5.20,
but i'm getting  by compilation:
....
lvm.c: In function `__update_hardsectsize':
lvm.c:2021: warning: implicit declaration of function `get_hardsect_size'
...
and by make modules_install:
...........
depmod: *** Unresolved symbols in
/lib/modules/2.5.20-dj3-lvm-xfs2/kernel/drivers/md/lvm-mod.o
depmod:         get_hardsect_size
make: *** [_modinst_post] Error 1
............

it seems that this function is disapeared between 2.5.18 and 2.5.20
(the patch from Anders Gustafsson is against 2.5.18)

can smbd please help me to solve this issue

regards

svetljo

the patch :
http://www.linuxhq.com/kernel/v2.5/unofficial/v2.5.18/patches/lvm-cle...

and the correspondig text from drivers/md/lvm.c :
..............
static void __update_hardsectsize(kern_lv_t *lv) {
    int le, e;
    int max_hardsectsize = 0, hardsectsize;

    for (le = 0; le < lv->lv_allocated_le; le++) {
        hardsectsize = bdev_hardsect_size(lv->lv_current_pe[le].bdev);
        if (hardsectsize == 0)
            hardsectsize = 512;
        if (hardsectsize > max_hardsectsize)
            max_hardsectsize = hardsectsize;
    }

    /* only perform this operation on active snapshots */
    if ((lv->lv_access & LV_SNAPSHOT) &&
        (lv->lv_status & LV_ACTIVE)) {
        for (e = 0; e < lv->lv_remap_end; e++) {
            hardsectsize =  get_hardsect_size(
lv->lv_block_exception[e].rdev_new);
            if (hardsectsize == 0)
                hardsectsize = 512;
            if (hardsectsize > max_hardsectsize)
                max_hardsectsize = hardsectsize;
        }
    }
............................

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in

More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

2. MPEG-1 S3 Driver Source

3. newbee needs help getting sendmail to work

4. IBM Token turbo isa compatible ?

5. InfoExplorer works under X11R5 now :-) :-)

6. Segmentation fault?

7. DOSEMU works better than DOS :-) :-)

8. serial port programming in C

9. I tried LINUX :-) :-)

10. Getting CPU usage info in C code on Solaris 7 - advice would be nice :-)

11. Trouble getting up :-)!

12. Gnome won't work>>Newbee asking for help

13. DEL key...I want it working.... :-)