168 lines
3.6 KiB
HTML
168 lines
3.6 KiB
HTML
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
|
|
<HTML
|
|
><HEAD
|
|
><TITLE
|
|
>( Free Ports ) - I'm getting "kernel: ip_masq_new(proto=UDP): no free ports." in my
|
|
SYSLOG files. Whats up?</TITLE
|
|
><META
|
|
NAME="GENERATOR"
|
|
CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
|
|
REL="HOME"
|
|
TITLE="Linux IP Masquerade HOWTO"
|
|
HREF="index.html"><LINK
|
|
REL="UP"
|
|
TITLE="Frequently Asked Questions"
|
|
HREF="faq.html"><LINK
|
|
REL="PREVIOUS"
|
|
TITLE="( MASQ Security ) - Can I configure IP MASQ to allow Internet users to
|
|
directly contact internal MASQed servers?"
|
|
HREF="masq-host-security.html"><LINK
|
|
REL="NEXT"
|
|
TITLE="( SETSOCKOPT ) - I'm getting "ipfwadm: setsockopt failed: Protocol not
|
|
available" when I try to use IPPORTFW! "
|
|
HREF="setsockopt.html"></HEAD
|
|
><BODY
|
|
CLASS="SECT1"
|
|
BGCOLOR="#FFFFFF"
|
|
TEXT="#000000"
|
|
LINK="#0000FF"
|
|
VLINK="#840084"
|
|
ALINK="#0000FF"
|
|
><DIV
|
|
CLASS="NAVHEADER"
|
|
><TABLE
|
|
SUMMARY="Header navigation table"
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TH
|
|
COLSPAN="3"
|
|
ALIGN="center"
|
|
>Linux IP Masquerade HOWTO</TH
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="left"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="masq-host-security.html"
|
|
ACCESSKEY="P"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="80%"
|
|
ALIGN="center"
|
|
VALIGN="bottom"
|
|
>Chapter 7. Frequently Asked Questions</TD
|
|
><TD
|
|
WIDTH="10%"
|
|
ALIGN="right"
|
|
VALIGN="bottom"
|
|
><A
|
|
HREF="setsockopt.html"
|
|
ACCESSKEY="N"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
></TABLE
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"></DIV
|
|
><DIV
|
|
CLASS="SECT1"
|
|
><H1
|
|
CLASS="SECT1"
|
|
><A
|
|
NAME="NO-FREE-PORTS"
|
|
></A
|
|
>7.23. ( Free Ports ) - I'm getting "kernel: ip_masq_new(proto=UDP): no free ports." in my
|
|
SYSLOG files. Whats up?</H1
|
|
><P
|
|
>One of your internal MASQed machines are creating an abnormally high number of
|
|
packets destined for the Internet. As the IP Masq server builds the MASQ
|
|
table and forwards these packets out over the Internet, the table is quickly
|
|
filling. Once the table is filled, it will give you this error.</P
|
|
><P
|
|
>The only application that I have known which temporarily creates this situation
|
|
is a gaming program called "GameSpy". Why? Gamespy builds a server list and
|
|
then pings all of the servers in the list (1000s of game servers). By creating
|
|
all these pings, it creates 1,000s of quick connections in a VERY short period
|
|
of time. Until these sessions timeout via the IP MASQ timeouts, the MASQ tables
|
|
become "FULL". </P
|
|
><P
|
|
>So what can you do about it? Realistically, don't use programs that do things
|
|
like this. If you do get this error in your logs, find it and stop using it.
|
|
If you really like GameSpy, just don't refresh the server too often.
|
|
Regardless, once you stop running this MASQ'ed program, this MASQ error will
|
|
go away as these connections will eventually timeout in the MASQ tables.</P
|
|
></DIV
|
|
><DIV
|
|
CLASS="NAVFOOTER"
|
|
><HR
|
|
ALIGN="LEFT"
|
|
WIDTH="100%"><TABLE
|
|
SUMMARY="Footer navigation table"
|
|
WIDTH="100%"
|
|
BORDER="0"
|
|
CELLPADDING="0"
|
|
CELLSPACING="0"
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="masq-host-security.html"
|
|
ACCESSKEY="P"
|
|
>Prev</A
|
|
></TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="index.html"
|
|
ACCESSKEY="H"
|
|
>Home</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="setsockopt.html"
|
|
ACCESSKEY="N"
|
|
>Next</A
|
|
></TD
|
|
></TR
|
|
><TR
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="left"
|
|
VALIGN="top"
|
|
>( MASQ Security ) - Can I configure IP MASQ to allow Internet users to
|
|
directly contact internal MASQed servers?</TD
|
|
><TD
|
|
WIDTH="34%"
|
|
ALIGN="center"
|
|
VALIGN="top"
|
|
><A
|
|
HREF="faq.html"
|
|
ACCESSKEY="U"
|
|
>Up</A
|
|
></TD
|
|
><TD
|
|
WIDTH="33%"
|
|
ALIGN="right"
|
|
VALIGN="top"
|
|
>( SETSOCKOPT ) - I'm getting "ipfwadm: setsockopt failed: Protocol not
|
|
available" when I try to use IPPORTFW!</TD
|
|
></TR
|
|
></TABLE
|
|
></DIV
|
|
></BODY
|
|
></HTML
|
|
> |