 From:  Mike Zanker <mike at zanker dot org>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Red Hat up2date blocked by m0n0wall
 Date:  Sat, 05 Mar 2005 11:54:57 +0000
I have a couple of Red Hat Enterprise Linux boxes on my LAN behind 
m0n0wall 1.2b6 on a net4801. One is running RHEL 3 and the other RHEL 4. 
up2date works fine on the RHEL 3 box but fails while downloading updates 
on the RHEL 4 box. In fact, any HTTP or HTTPS downloads from Red Hat's 
servers fail on the RHEL 4 box. HTTP and HTTPS downloads from other 
sites are fine.

What happens is that m0n0wall suddenly starts blocking outgoing packets 
from the RHEL 4 box to Red Hat's servers. m0n0wall will suddenly start 
logging as follows:

Mar  5 11:24:47 ipmon[112]: 11:24:47.025684 sis0 @0:19 b 81.187.x.x,32824 -> 209.132.177.120,80 PR tcp len 20 76 -A IN

Mar  5 11:24:48 ipmon[112]: 11:24:48.145162 sis0 @0:19 b 81.187.x.x,32824 -> 209.132.177.120,80 PR tcp len 20 76 -A IN

Mar  5 11:24:50 ipmon[112]: 11:24:50.384959 sis0 @0:19 b 81.187.x.x,32824 -> 209.132.177.120,80 PR tcp len 20 76 -A IN

where 81.187.x.x is the IP address of the RHEL 4 box (real IPs, no 
outgoing NAT). It looks like it is blocking the RHEL 4 box's ACKs.

Doing exactly the same download on the RHEL 3 box works fine. The main 
difference between the two boxes is that RHEL 3 runs a 2.4 kernel, RHEL 
4 a 2.6 kernel. There is one firewall rule on the LAN interface (sis0), 
permitting all outgoing traffic.

Any ideas what might be causing this?

Thanks,

Mike.
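
An added example (not part of the original message): a small Python parser for ipmon lines in the format quoted above. It groups blocked non-SYN TCP packets by flow, so repeated blocks within one connection, like the ACKs here, stand out. The function names and the last sample line are constructed for illustration.

```python
import re
from collections import defaultdict

# ipmon line layout as seen in the message; field meanings follow ipmon(8):
# @group:rule, action (b = blocked, p = passed), IP header len, packet len, TCP flags.
IPMON = re.compile(
    r"ipmon\[\d+\]: (?P<time>[\d:.]+) (?P<iface>\S+) @(?P<group>\d+):(?P<rule>\d+) "
    r"(?P<action>\S+) (?P<src>[^,\s]+),(?P<sport>\d+) -> (?P<dst>[^,\s]+),(?P<dport>\d+) "
    r"PR (?P<proto>\S+) len (?P<hlen>\d+) (?P<plen>\d+) -(?P<flags>[A-Z]+) (?P<dir>IN|OUT)"
)

def parse(line):
    """Parse one (already unwrapped) ipmon line; return a dict or None."""
    m = IPMON.search(" ".join(line.split()))  # normalise runs of whitespace
    return m.groupdict() if m else None

def blocked_midstream(lines, min_hits=2):
    """Flows with >= min_hits blocked TCP packets that are not SYNs."""
    flows = defaultdict(lambda: {"count": 0, "rules": set(), "flags": set()})
    for rec in filter(None, map(parse, lines)):
        if rec["proto"] != "tcp" or rec["action"] != "b" or "S" in rec["flags"]:
            continue  # keep only blocked packets of already-open connections
        key = (rec["src"], int(rec["sport"]), rec["dst"], int(rec["dport"]))
        flows[key]["count"] += 1
        flows[key]["rules"].add(f"@{rec['group']}:{rec['rule']}")
        flows[key]["flags"].add(rec["flags"])
    return {k: v for k, v in flows.items() if v["count"] >= min_hits}

# First three lines are the ones quoted in the message (unwrapped); the last is
# constructed for contrast: a blocked SYN between documentation addresses.
SAMPLE = [
    "Mar  5 11:24:47 ipmon[112]: 11:24:47.025684 sis0 @0:19 b 81.187.x.x,32824 -> 209.132.177.120,80 PR tcp len 20 76 -A IN",
    "Mar  5 11:24:48 ipmon[112]: 11:24:48.145162 sis0 @0:19 b 81.187.x.x,32824 -> 209.132.177.120,80 PR tcp len 20 76 -A IN",
    "Mar  5 11:24:50 ipmon[112]: 11:24:50.384959 sis0 @0:19 b 81.187.x.x,32824 -> 209.132.177.120,80 PR tcp len 20 76 -A IN",
    "Mar  5 11:24:51 ipmon[112]: 11:24:51.000000 sis0 @0:19 b 192.0.2.10,40000 -> 198.51.100.5,80 PR tcp len 20 60 -S IN",
]

if __name__ == "__main__":
    for flow, info in blocked_midstream(SAMPLE).items():
        print(flow, info["count"], sorted(info["rules"]), sorted(info["flags"]))
```

Wrapped log lines, as they appear in mail archives, need to be rejoined into one line per entry before being passed to `parse`.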