Re: Are iptables rules absolutely neccessary?

From: Ed Murphy (emurphy42_at_socal.rr.com)
Date: 10/18/03 

Date: Sat, 18 Oct 2003 03:15:49 GMT

[crosspost to c.o.l.networking added]

On Fri, 17 Oct 2003 21:59:28 -0400, Ben Logan wrote:

> If your MTU size is
> smaller on the Linux client than on the gateway, every packet will be
> fragmented. This wouldn't be a problem except that some webserver admins
> erroneously block all ICMP messages (in order to avoid things like the
> ping of death) and this prevents the server from sending a message back to
> your client to drop the MTU size.

I have this in my iptables. Is it erroneous?

-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j REJECT --reject-with icmp-port-unreachable

I had the opposite of the OP's config: RH9 acting as a gateway for
Win2K Pro. Worked fine for several weeks, then abruptly quit a couple
of days ago. I hadn't changed iptables nor the MTU size, and I don't
*think* anything had changed on the Windows side, but you never know...

Is this line (from the *nat section) erroneous?

-A POSTROUTING -o eth0 -j MASQUERADE

eth0 connects to the outside world; eth1 connects to the crossover
cable. I'm pretty sure this hadn't changed.

RH9 can ping the outside world and Windows; Windows can ping RH9,
but cannot nslookup or otherwise see the outside world.

Any and all suggestions welcome.

Relevant Pages

  • Re: Windows File Protection/Wrong CD Problem
    ... Thanks for your comments and suggestion regarding contacting Gateway ... support). ... "Files that are required for Windows to run properly have been replaced by ... > it was pre-installed on your computer by Gateway, you are running an OEM ...
    (microsoft.public.windows.file_system)
  • Re: Not a "Genuine Copy", and an "Invalid Activation Key" from Gat
    ... Installing SP1 changes the underlying code that pirates use to counterfeit the Windows Vista DVD. ... OEM copies, regardless of whether Gateway purchased it or you bought it yourself come with no Microsoft support; sadly those are the rules, that is why OEM are less expensive that retail copies. ... The information in this mail/post is supplied "as is". ...
    (microsoft.public.windows.vista.installation_setup)
  • Re: Windows File Protection/Wrong CD Problem
    ... I didn't follow the links from there because I don't have a Gateway or the support documents or that protected partition with all those files and probably would not have understood further instructions. ... For an OEM-installed WinXP, your support comes from the OEM, not from Microsoft. ... Microsoft Windows MVP ...
    (microsoft.public.windows.file_system)
  • Re: replacing motherboard questions
    ... I just bought a used Gateway E-2000 with a Pentium 4 and a very small, very noisy hard drive, and all the disks for Window 2000. ... The Windows XP user license for the HP is very likely an OEM license that does not authorize you to use the Operating System on another computer. ...
    (microsoft.public.windowsxp.basics)
  • Re: windows xp error message
    ... > I've never had a Gateway computer, ... > If it does say SP2, then you will need an updated CD-ROM that has SP2 ... > integrated into WinXP. ... If you got SP2 online from Windows Update, ...
    (microsoft.public.windowsxp.help_and_support)