Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 28 replies
  • Subscribers 2 subscribers
  • Views 19577 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Strange Masquerading Issue

Goldy_01
Hi.

Today I've got a call from a colleague.
From what he says - he can see in his firewall, the internal source address of some (not all) of the stations from my Lan network which connect to his servers.
Since my entire internal network doing Masquerading, I wonder how this could be.
As far as I know, only DNat transmit the source address.

Any Idea?
[:S]


This thread was automatically locked due to age.
Parents
  • 0
    Cool! 

    Barry, are those longer lines also ACKs?  What do you get with cc get packetfilter timeouts?

    If you have 30 for ip_conntrack_tcp_timeout_last_ack, what happens if you do the following?

    cc set packetfilter timeouts ip_conntrack_tcp_timeout_last_ack 45


    In fact, I'm just guessing that that might make a difference.

    Cheers - Bob
Reply
  • 0
    Cool! 

    Barry, are those longer lines also ACKs?  What do you get with cc get packetfilter timeouts?

    If you have 30 for ip_conntrack_tcp_timeout_last_ack, what happens if you do the following?

    cc set packetfilter timeouts ip_conntrack_tcp_timeout_last_ack 45


    In fact, I'm just guessing that that might make a difference.

    Cheers - Bob
Children
No Data