telnet/ssh disconnects... Possible NAT teardown?

Mike Klinke lsomike at futzin.com
Fri Feb 6 05:12:16 UTC 2004


On Thursday 05 February 2004 18:57, Jeremy wrote:
> --- Mike Klinke <lsomike at futzin.com> wrote:
> > On Thursday 05 February 2004 16:49, Jeremy wrote:
> > > Alright, I'm using Fedora Core 1.  My box is set up as a router
> > > for the rest of my network.  It has two network cards, one 10
> > > base card connected to a cable modem, and another 10/100
> > > connected to my network switch.  I have iptables set up to do
> > > masquerading.
> > >
> > > The problem...
> > >
> > > Telnet/SSH connections to the machine, from the outside world,
> > > disconnect after 5-10 minutes of inactivity.  For example, I
> > > can have 3 SSH connections to my box, neglect one window for a
> > > few minutes, and when I go to that window and start typing, I
> > > get a message from PuTTY saying I got disconnected.
> > >
> > > I've looked extensively on the net trying to figure out what's
> > > wrong and how to fix it.  I've come across a couple of sites
> > > saying that this could possibly be caused by a 'NAT teardown'.
> > > I'm new to iptables and NAT, so I'm not exactly sure what this
> > > means.  I was under the impression that NAT timeouts on
> > > CONNECTED connections were like 5 days of inactivity before it
> > > would drop.  When I cat /proc/net/ip_conntrack, I see my
> > > connections, and I see they have very high timeouts.
> > >
> > > I've looked through the iptables man page, as well as the
> > > iptables/netfilter website, and I can't find anything relevant
> > > to this.  Does anyone know how I might fix this?
> > >
> > > -Jeremy
> >
>
> > watching the connection via tcpdump?
>
> No, I'm not familiar enough with tcpdump's syntax to know what to
> look for. What command line options should I use?

Well, one approach could be to monitor all traffic with the remotely
logged in host. For example, on the server run:

tcpdump -nX -i <interface> host <client_ip>

(where <interface> is the NIC the client comes in on, eth0 for example)

Make your connection from the client and wait your 5 to 10 minutes.
See if either side initiates a disconnect or if the connection just
"disappeared."

Does a telnet session from a client on the local network via the
inside NIC also fail after this period of time?

Have you temporarily stopped iptables and tried the same test?

Regards,  Mike Klinke
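As an added example (not part of this thread, and not code from either poster), the two checks Mike describes can be scripted: read /proc/net/ip_conntrack and flag established SSH entries whose remaining timeout is far below the 5-day default Jeremy mentions, and walk a `tcpdump -n` capture to see which side, if any, sent the first FIN or RST. It assumes the 2.4/2.6-era ip_conntrack line format and the `Flags [..]` style of tcpdump output; the conntrack lines and capture lines below are constructed samples using documentation address ranges, and the 600-second threshold is an arbitrary choice.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample in the old /proc/net/ip_conntrack format. The last entry
# is an idle ssh session whose entry is about to expire (43 s left).
SAMPLE_CONNTRACK = """\
tcp      6 431999 ESTABLISHED src=198.51.100.7 dst=203.0.113.5 sport=52000 dport=22 src=203.0.113.5 dst=198.51.100.7 sport=22 dport=52000 [ASSURED] use=1
tcp      6 117 SYN_SENT src=192.168.1.20 dst=203.0.113.9 sport=40000 dport=80 [UNREPLIED] src=203.0.113.9 dst=192.168.1.20 sport=80 dport=40000 use=1
udp      17 25 src=192.168.1.20 dst=192.168.1.1 sport=5353 dport=53 src=192.168.1.1 dst=192.168.1.20 sport=53 dport=5353 use=1
tcp      6 43 ESTABLISHED src=198.51.100.8 dst=203.0.113.5 sport=52001 dport=22 src=203.0.113.5 dst=198.51.100.8 sport=22 dport=52001 [ASSURED] use=1
"""

# proto, layer-4 number, seconds left, optional TCP state, then the original-direction tuple.
CONNTRACK_RE = re.compile(
    r"^(?P<proto>\w+)\s+\d+\s+(?P<timeout>\d+)\s+(?:(?P<state>[A-Z_]+)\s+)?"
    r"src=(?P<src>\S+)\s+dst=(?P<dst>\S+)\s+sport=(?P<sport>\d+)\s+dport=(?P<dport>\d+)"
)


@dataclass
class ConntrackEntry:
    proto: str
    timeout: int          # seconds until the kernel forgets this flow
    state: Optional[str]  # TCP state, None for UDP/ICMP
    src: str
    dst: str
    sport: int
    dport: int


def parse_conntrack(text: str) -> List[ConntrackEntry]:
    """Parse ip_conntrack lines; unparseable lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = CONNTRACK_RE.match(line)
        if m:
            entries.append(ConntrackEntry(m["proto"], int(m["timeout"]), m["state"],
                                          m["src"], m["dst"], int(m["sport"]), int(m["dport"])))
    return entries


def expiring_ssh_sessions(entries, threshold_seconds=600, port=22):
    """ESTABLISHED TCP flows to `port` with less than `threshold_seconds` left.
    A healthy idle session should sit near the established timeout (432000 s,
    i.e. 5 days, by default); anything in the minutes range points at a
    shortened timeout rather than at sshd."""
    return [e for e in entries
            if e.proto == "tcp" and e.state == "ESTABLISHED"
            and e.dport == port and e.timeout < threshold_seconds]


# Constructed `tcpdump -n` lines: a session that simply goes quiet (client
# retransmits, nothing answers) and one the server side tears down with RST.
SAMPLE_CAPTURE_SILENT = """\
12:00:01.000000 IP 198.51.100.7.52000 > 203.0.113.5.22: Flags [P.], seq 1:37, ack 1, win 501, length 36
12:00:01.050000 IP 203.0.113.5.22 > 198.51.100.7.52000: Flags [P.], seq 1:53, ack 37, win 501, length 52
12:09:30.000000 IP 198.51.100.7.52000 > 203.0.113.5.22: Flags [P.], seq 37:73, ack 53, win 501, length 36
12:09:31.000000 IP 198.51.100.7.52000 > 203.0.113.5.22: Flags [P.], seq 37:73, ack 53, win 501, length 36
"""
SAMPLE_CAPTURE_SERVER_RST = """\
12:00:01.000000 IP 198.51.100.7.52000 > 203.0.113.5.22: Flags [P.], seq 1:37, ack 1, win 501, length 36
12:09:30.000000 IP 198.51.100.7.52000 > 203.0.113.5.22: Flags [P.], seq 37:73, ack 53, win 501, length 36
12:09:30.001000 IP 203.0.113.5.22 > 198.51.100.7.52000: Flags [R], seq 53, win 0, length 0
"""

TCPDUMP_RE = re.compile(
    r"^(?P<ts>\S+) IP (?P<src>[\d.]+)\.(?P<sport>\d+) > (?P<dst>[\d.]+)\.(?P<dport>\d+): "
    r"Flags \[(?P<flags>[^\]]*)\]"
)


def who_closed(capture: str, server_ip: str, server_port: int = 22) -> str:
    """Report which side first sent FIN (F) or RST (R) on the flow to
    server_ip:server_port: "server", "client", or "nobody" when the capture
    ends with no close at all (the flow just vanished, as after a state-table
    teardown somewhere in the path)."""
    for line in capture.splitlines():
        m = TCPDUMP_RE.match(line)
        if not m:
            continue
        flags = m["flags"]
        if "F" not in flags and "R" not in flags:
            continue  # data/ack traffic, not a close
        if m["src"] == server_ip and int(m["sport"]) == server_port:
            return "server"
        if m["dst"] == server_ip and int(m["dport"]) == server_port:
            return "client"
    return "nobody"


if __name__ == "__main__":
    for e in expiring_ssh_sessions(parse_conntrack(SAMPLE_CONNTRACK)):
        print(f"ssh session from {e.src}:{e.sport} expires in {e.timeout}s")
    print("silent capture closed by:", who_closed(SAMPLE_CAPTURE_SILENT, "203.0.113.5"))
    print("rst capture closed by:", who_closed(SAMPLE_CAPTURE_SERVER_RST, "203.0.113.5"))
```

On a real box, feed `open("/proc/net/ip_conntrack").read()` to parse_conntrack and the saved output of the tcpdump command above to who_closed; a "nobody" result combined with retransmissions from the client is the signature of a dropped state entry rather than of either endpoint hanging up.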

More information about the fedora-list mailing list