[ previous ] [ next ] [ threads ]
 
 From:  "Quark IT - Hilton Travis" <Hilton at quarkit dot com dot au>
 To:  "Chris Buechler" <cbuechler at gmail dot com>
 Cc:  <m0n0wall dash dev at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall-dev] TrafficShaping + NAT
 Date:  Tue, 19 Dec 2006 16:32:30 +1000 
> -----Original Message-----
> From: Chris Buechler [mailto:cbuechler at gmail dot com]
> Sent: Monday, 18 December 2006 6:38 AM
> 
> On 12/17/06, Chris Andrist <chris at yeahmon dot net> wrote:
> > I currently use traffic shaping and NAT with m0n0wall. I am 
> > currently using 1.23b1, because it was causing problems when 
> > multiple computers were using the internet. For one on my 
> > wife's laptop it would not even connect to the apple 
> > software update.
> > 
> > I know that the beta website says "a rather intrusive kernel 
> > patch was required to make concurrent traffic shaping + NAT 
> > on the WAN interface possible; if you rely on this feature, 
> > please test it well and report any problems"
> 
> There are no known issues with 1.2x, and none of this applies 
> to that series.  Any connectivity issues you're having with 
> 1.2x aren't issues with the system, if you're having problems 
> there must be something wrong with your particular setup.  As 
> to what that might be, without a lot more information about 
> your setup it's impossible to say.
> 
> As for this particular issue, it only affects inbound NAT (if 
> you open ports on your WAN into hosts on internal networks), 
> and the problem it causes is that the inbound traffic just 
> disappears.  It has no effect on outbound traffic.  As for 
> what tests would be appropriate, just making sure inbound NAT 
> works when using traffic shaping would suffice.  The other 
> potential issue is kernel panics, which will be apparent 
> eventually if that's an issue.
> 
> -Chris

Hi Chris,

We use inbound NAT and also traffic shaping.  I updated to the 1.3B1
release the day it was released and have not noticed anything "weird" or
"air gappy" since.  What sort of issues should I look out for to report,
and what settings will cause these issues (so I can check to see if I'm
even likely to notice any issues).

(Out of interest, we have 25, 443, 4125 and SIP-related ports open here
to inbound traffic.)

--

Regards,

Hilton Travis                          Phone: +61 (0)7 3344 3889
(Brisbane, Australia)                  Phone: +61 (0)419 792 394
Manager, Quark IT                      http://www.quarkit.com.au
         Quark AudioVisual             http://www.quarkav.net

War doesn't determine who is right.  War determines who is left.

This document and any attachments are for the intended recipient 
  only.  It may contain confidential, privileged or copyright 
     material which must not be disclosed or distributed.

                    Quark Group Pty. Ltd.
      T/A Quark Automation, Quark AudioVisual, Quark IT