Date:      Wed, 19 Jul 2000 14:58:36 -0400
From:      Nathan Vidican <webmaster@wmptl.com>
To:        Matthew Amelin <mamelin@cisco.com>
Cc:        questions@freebsd.org
Subject:   Re: natd[90]: failed to write packet back to host
Message-ID:  <3975FA5C.1B8650D3@wmptl.com>
References:  <3975EEF0.AC190FDC@cisco.com> <3975C50D.D505552F@wmptl.com> <3975FB22.CC484D61@cisco.com>

Matthew Amelin wrote:
> 
> the rules are
> 
> /sbin/ipfw -f flush
> /sbin/ipfw add divert natd all from any to any via fxp0
> /sbin/ipfw add pass all from any to any
> 
> natd is working but I keep getting these errors?? any ideas?
> FreeBSD 4.0 I am using
> here is my rc.conf
> ifconfig_fxp0="inet 64.32.158.84  netmask 255.255.255.224"
> ifconfig_fxp1="inet 10.1.1.4 netmask 255.255.255.0"
> hostname="jabba"
> gateway="YES"
> firewall_enable="YES"
> natd_enable="YES"
> natd_interface="fxp0"
> linux_enable="YES"
> moused_enable="YES"
> defaultrouter="64.32.158.65"
> 
> any better than last time??
> pls help
> 
> Thank you...
> you're great!!
> mamelin@cisco.com
> 
> Nathan Vidican wrote:
> 
> > Matthew Amelin wrote:
> > >
> > > natd[90]: failed to write packet back to host
> > >
> > > getting this error....any....help
> > >
> > > mamelin@cisco.com
> > >
> > > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > > with "unsubscribe freebsd-questions" in the body of the message
> >
> > You need to supply us with a little more information about what your
> > configuration is like.
> >         Right off the bat I'd say it has to do with your firewall rules,
> > chances are they aren't set up properly to allow natd to work. If you
> > could repost this message with a copy of your actual firewall rules, (as
> > detailed as possible -exclude/substitute your actual IP addresses for
> > security reasons if you so choose to).
> >         Again, without more information to go from than a simple error message,
> > I can't really help you out much.
> >
> > --
> > Nathan Vidican
> > webmaster@wmptl.com
> > Windsor Match Plate & Tool Ltd.
> > http://www.wmptl.com/

Yes thank-you, this makes things much easier to deal with, with one
exception, you should have CC'd the mailing list as well. Regardless, it
looks to me like it should be working fine. My setup is as follows (the
relevant part(s) anyhow) and it works flawlessly if it helps you any:

# /etc/rc.firewall
/sbin/ipfw -f flush
/sbin/ipfw add 1000 pass all from 127.0.0.1 to 127.0.0.1
/sbin/ipfw add 2000 divert 6668 all from any to any via ed1
/sbin/ipfw add 65000 pass all from any to any
# end of rc.firewall (the relevant parts anyhow)

# /etc/natd.conf
# called from 'natd -f /etc/natd.conf' on startup
use_sockets no
port 6668
interface ed1
# end of natd.conf, (again the parts that are relevant here anyhow)

The only real difference I see is the rule to allow 127.0.0.1 to see
itself (the loopback interface). I've also got a whole mess of other
firewall rules filtering traffic on my end, but I didn't paste them for
simplicity's sake.

-- 
Nathan Vidican
webmaster@wmptl.com
Windsor Match Plate & Tool Ltd.
http://www.wmptl.com/
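
A consistency check for the two files shown in the message above, added here as an example and not part of the original e-mail: it verifies that each ipfw divert rule names the same port and interface as natd.conf, and treats `divert natd` as port 8668 (the natd entry in /etc/services). The function name `check_natd_divert`, the temporary file names and the mismatching natd.conf are constructed for illustration, and it assumes rules written one `ipfw add ...` command per line.

```shell
#!/bin/sh
# Added example (not from the e-mail). check_natd_divert is a hypothetical
# helper: it compares every ipfw divert rule with natd.conf.
# Returns 0 only if at least one divert rule exists and all of them match.
check_natd_divert() {
    rules=$1; conf=$2
    # $1 == "port" never matches a comment line, so no comment filter needed.
    nport=$(awk '$1 == "port" { print $2 }' "$conf")
    nif=$(awk '$1 == "interface" { print $2 }' "$conf")
    awk -v nport="$nport" -v nif="$nif" '
        $1 ~ /^#/ { next }
        {
            dport = ""; dif = ""
            for (i = 1; i < NF; i++) {
                if ($i == "divert") dport = $(i + 1)
                if ($i == "via")    dif   = $(i + 1)
            }
            if (dport == "") next
            seen = 1
            # "divert natd" is looked up in /etc/services: natd is 8668/divert
            if (dport == "natd") dport = 8668
            if (dport == nport && dif == nif) {
                print "OK: divert " dport " via " dif
            } else {
                print "MISMATCH: rule " dport "/" dif ", natd.conf " nport "/" nif
                bad = 1
            }
        }
        END { exit ((bad || !seen) ? 1 : 0) }
    ' "$rules"
}

# Sample input: the rules and natd.conf quoted in the message, plus one
# constructed natd.conf whose port disagrees with the divert rule.
tmp=$(mktemp -d) && trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/rc.firewall" <<'EOF'
/sbin/ipfw -f flush
/sbin/ipfw add 1000 pass all from 127.0.0.1 to 127.0.0.1
/sbin/ipfw add 2000 divert 6668 all from any to any via ed1
/sbin/ipfw add 65000 pass all from any to any
EOF
printf 'use_sockets no\nport 6668\ninterface ed1\n' > "$tmp/natd.conf"
printf 'use_sockets no\nport 8668\ninterface ed1\n' > "$tmp/natd_bad.conf"

check_natd_divert "$tmp/rc.firewall" "$tmp/natd.conf"
check_natd_divert "$tmp/rc.firewall" "$tmp/natd_bad.conf" || echo "fix before reloading"
```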

