Giacomo <(E-Mail Removed)> wrote:
> I finished developing an IPv4 firewall with NAT/MASQUERADING and
> have been testing it for some time with success connecting from
> home to my ISP named "libero".
Did you use iptables to "develop" the firewall or code it yourself?
> Then I changed ISP to another one, called "telecom" and with great
> surprise I discovered that images from sites and also sites failed
> to load.
> So now, when I call an ISP all works fine, when I call the other,
> things go wrong.
What type of ISP connection? PPP, PPPoE, plain ADSL, or other?
> I NAT machines behind my firewall changing only IPs and ports,
> and recalculating checksum (IP and TCP/UDP) to adjust such changes.
> I do not touch any other field as window size or seq number or ack,
> since the only things I manipulate are addresses and ports.
Are you sure the problem is the firewall you developed? That is,
have you tried telecom without a firewall?
> I was wondering what I could do to solve, since iptables and
> ipfw+natd on FreeBSD or winXP sp2 work fine with this ISP...
If there is no problem in Linux without the firewall then it's a
firewall problem. If there is a problem without the firewall then
it's likely some connection configuration which was compatible with
the other ISP needs tuning for telecom.
> Tweaking with ethereal I found that probably sometimes a TCP segment
> gets lost.
> * Thanks to news help, I tried to lower MTU and to disable ECN,
> but the problem persists. *
> My firewall is a 2.6.12 kernel module which registers with netfilter
> hooks. A userspace program sends rules to kernel via netlink.
That sounds like you coded the firewall. Maybe you should try asking
on comp.os.linux.development.apps.
> I thank anyone who could help me find the way to fix the problem
> or understand what could be wrong with an ISP network and anyway
> work fine with the other.
--
Clifford Kite Email: "echo
xvgr_yvahk-(E-Mail Removed)|rot13"
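
An added example, not part of the original posts: the thread describes a NAT that rewrites only addresses and ports and then adjusts the IP and TCP/UDP checksums. The C sketch below applies the RFC 1624 incremental update to a TCP segment during source NAT and cross-checks it against a full RFC 1071 recomputation that includes the pseudo-header. All function names and the sample addresses, ports and payload are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] << 8 | p[1]); }
/* RFC 1071 one's-complement sum of big-endian 16-bit words; an odd tail byte is zero-padded. */
static uint32_t sum16(const uint8_t *p, size_t n, uint32_t acc) {
    for (; n > 1; p += 2, n -= 2) acc += rd16(p);
    if (n) acc += (uint32_t)p[0] << 8;
    return acc;
}
static uint16_t fold_not(uint32_t acc) {            /* fold carries, then complement */
    while (acc >> 16) acc = (acc & 0xffff) + (acc >> 16);
    return (uint16_t)~acc;
}
/* Full TCP checksum: pseudo-header (src, dst, proto 6, length) + segment with checksum field zeroed. */
uint16_t tcp_csum(const uint8_t *src, const uint8_t *dst, const uint8_t *seg, size_t len) {
    uint32_t acc = sum16(dst, 4, sum16(src, 4, 0)) + 6 + (uint32_t)len;
    return fold_not(sum16(seg, len, acc));
}
/* RFC 1624 eqn. 3: HC' = ~(~HC + ~m + m') for one changed 16-bit word. */
uint16_t csum_update16(uint16_t hc, uint16_t old_w, uint16_t new_w) {
    return fold_not((uint32_t)(uint16_t)~hc + (uint16_t)~old_w + new_w);
}
/* Source NAT: the address lives in the IP header but is covered by the TCP checksum too. */
void snat_tcp(uint8_t *seg, uint8_t *src, const uint8_t *new_src, uint16_t new_port) {
    uint16_t hc = rd16(seg + 16);
    for (int i = 0; i < 4; i += 2) hc = csum_update16(hc, rd16(src + i), rd16(new_src + i));
    hc = csum_update16(hc, rd16(seg), new_port);
    memcpy(src, new_src, 4);
    seg[0] = (uint8_t)(new_port >> 8);  seg[1] = (uint8_t)new_port;
    seg[16] = (uint8_t)(hc >> 8);       seg[17] = (uint8_t)hc;
}
/* Nonzero when the stored checksum does not match a full recomputation. */
int tcp_csum_bad(const uint8_t *src, const uint8_t *dst, const uint8_t *seg, size_t len) {
    uint8_t tmp[64];
    if (len < 20 || len > sizeof tmp) return 1;
    memcpy(tmp, seg, len);  tmp[16] = tmp[17] = 0;
    return tcp_csum(src, dst, tmp, len) != rd16(seg + 16);
}
/* Constructed sample: 20-byte TCP header plus an odd-length 5-byte payload. Returns 1 on success. */
int nat_demo(void) {
    uint8_t src[4] = {192,168,1,10}, dst[4] = {203,0,113,5}, pub[4] = {198,51,100,7};
    uint8_t seg[25] = {0xc0,0x01, 0,80, 0,0,0,1, 0,0,0,0, 0x50,0x18, 0x20,0, 0,0, 0,0, 'h','e','l','l','o'};
    uint16_t c = tcp_csum(src, dst, seg, sizeof seg);
    seg[16] = (uint8_t)(c >> 8);  seg[17] = (uint8_t)c;
    /* original must verify; swapping the address without touching the checksum must not */
    if (tcp_csum_bad(src, dst, seg, sizeof seg) || !tcp_csum_bad(pub, dst, seg, sizeof seg)) return 0;
    snat_tcp(seg, src, pub, 40001);
    return !tcp_csum_bad(src, dst, seg, sizeof seg);
}
```

Running the same full-recompute check over segments captured on the outside interface is a quick way to rule the checksum path in or out when a NAT behaves differently across links.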