Date:      Fri, 1 Jun 2001 09:22:29 -0400 (EDT)
From:      John <papalia@UDel.Edu>
To:        Eric Rosenberry <ericr@dsl-only.net>
Cc:        <freebsd-questions@freebsd.org>
Subject:   RE: Gateway oddness
Message-ID:  <Pine.SOL.4.31.0106010919440.20581-100000@copland.udel.edu>
In-Reply-To: <GLEOKLAKEIBLAAKKFHEIGEAPCEAA.ericr@dsl-only.net>

Unfortunately, I had already tried that... I came up with nothing but hits
in my backup files.  In terms of filters, nothing in /etc/hosts.allow
appears to be a potential cause of the blockage, and my entire firewall
scheme is as follows:

divert 8668 ip from any to any via fxp0
allow ip from any to any via lo0
allow ip from any to any via fxp0
allow ip from 128.175.171.125 to 127.0.0.0/8
deny log logamount 100 ip from any to 127.0.0.0/8
allow ip from any to any
deny ip from any to any

I've not much more luck, really... I'm open to all suggestions though =)

> Do you have any kind of filters set up that are still using the OLD IP
> address?
>
> I would probably grep through any pertinent files for the old IP address
> (maybe even all of /etc just for fun).
>
> -Eric
>
> -----Original Message-----
> From: owner-freebsd-questions@FreeBSD.ORG
> [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of John
> Sent: Thursday, May 31, 2001 9:29 PM
> To: freebsd-questions@freebsd.org
> Subject: Gateway oddness
>
> Hi All...
>
> Until yesterday, I had two boxes existing happily together.  There's a
> win box hooked up to, and talking to, a FreeBSD 4.3 box.  The BSD box has,
> for 3 years (going through many version changes), served as a DNS server, web
> server, mail server, Samba server, and, most importantly, gateway.  I have
> NAT running, as well as IPFW.  Up till yesterday, all was great.  Then,
> today, I had a change in IPs, and a change in the gateway downstream from
> me.  Now, I have this problem:
>
> FBSD --> Internet works
> FBSD --> Winbox works
> Winbox --> FBSD works
> Winbox --> Anything past the FBSD Box doesn't work
>
> I've changed nothing but the IP address in rc.firewall and rc.conf.  I'm
> guessing I'm missing something simple, but I'm stumped... any thoughts or
> advice? I've pasted more info below.
>
> Thanks!!!
> --John
>
> ipfw show indicates nat is running:
>
> 00050 21392 9668930 divert 8668 ip from any to any via fxp0
>
> while trying to do a traceroute from the windows box, tcpdump on the
> internal interface shows:
>
> tcpdump: listening on fxp0
> 00:03:09.004449 arp who-has merlin.wondermutt.net tell morgaine.wondermutt.net
> 00:03:09.004528 arp reply merlin.wondermutt.net is-at 0:a0:c9:6c:a9:23
> 00:03:09.004745 morgaine.wondermutt.net.1044 > roaming-171-125.nss.udel.edu.domain:  1+ A? www.udel.edu. (30)
> 00:03:09.007423 roaming-171-125.nss.udel.edu.domain > morgaine.wondermutt.net.1044:  1 1/4/4 A www.udel.edu (197)
> 00:03:09.013176 morgaine.wondermutt.net > www.udel.edu: icmp: echo request [ttl 1]
> 00:03:09.013614 merlin.wondermutt.net > morgaine.wondermutt.net: icmp: time exceeded in-transit
> 00:03:09.014865 morgaine.wondermutt.net > www.udel.edu: icmp: echo request [ttl 1]
> 00:03:09.015266 merlin.wondermutt.net > morgaine.wondermutt.net: icmp: time exceeded in-transit
> 00:03:09.020376 morgaine.wondermutt.nnet > www.udel.edu: icmp: echo request [ttl 1]
>
> The same traceroute on the external interface shows:
>
> 00:04:09.607173 arp who-has host125-4.student.udel.edu tell crc-7k-e-0-0-sub3.nss.udel.edu
> 00:04:09.754853 211.247.251.113.9129 > roaming-171-128.nss.udel.edu.9001: udp 15
> 00:04:10.228012 roaming-171-125.nss.udel.edu.novell-lu6.2 > strauss.udel.edu.domain:  4021+ PTR? 4.152.175.128.in-addr.arpa. (44)
> 00:04:10.230594 strauss.udel.edu.domain > roaming-171-125.nss.udel.edu.novell-lu6.2:  4021* 1/4/4 (235) (DF)
> 00:04:10.234729 roaming-171-175.nss.udel.edu.novell-lu6.2 > strauss.udel.edu.domain:  46982+ PTR? 1.152.175.128.in-addr.arpa. (44)
> 00:04:10.237011 strauss.udel.edu.domain > roaming-171-125.nss.udel.edu.novell-lu6.2:  46982* 1/4/4 (239) (DF)
> 00:04:10.242620 roaming-171-125.nss.udel.edu.novell-lu6.2 > strauss.udel.edu.domain:  40368+ PTR? 156.171.175.128.in-addr.arpa. (46)
> 00:04:10.244894 strauss.udel.edu.domain > roaming-171-125.nss.udel.edu.novell-lu6.2:  40368* 1/4/4 (239) (DF)
> 00:04:10.249169 roaming-171-175.nss.udel.edu.novell-lu6.2 > strauss.udel.edu.domain:  42641+ PTR? 113.251.247.211.in-addr.arpa. (46)
> 00:04:10.540513 strauss.udel.edu.domain > roaming-171-125.nss.udel.edu.novell-lu6.2:  42641 NXDomain* 0/1/0 (101) (DF)
> 00:04:11.027365 211.117.115.147.9001 > roaming-171-156.nss.udel.edu.9001: udp 23
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
>
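
Added example, not part of the original message or of FreeBSD: a first-match walk over the ruleset listed above, reporting which rule terminates a given packet and which rules can never fire. The packet addresses and the second interface name `em1` are constructed for illustration, and divert is simplified to "continue at the next rule".

```python
import ipaddress

# Ruleset exactly as listed in the message (rule numbers were not given there).
RULES = [
    "divert 8668 ip from any to any via fxp0",
    "allow ip from any to any via lo0",
    "allow ip from any to any via fxp0",
    "allow ip from 128.175.171.125 to 127.0.0.0/8",
    "deny log logamount 100 ip from any to 127.0.0.0/8",
    "allow ip from any to any",
    "deny ip from any to any",
]

def parse(line):
    tok = line.split()
    i = tok.index("from")
    via = tok[tok.index("via") + 1] if "via" in tok else None
    return {"text": line, "action": tok[0], "src": tok[i + 1], "dst": tok[i + 3], "via": via}

def covers(outer, inner):
    """True if address spec `outer` matches every address that `inner` matches."""
    if "any" in (outer, inner):
        return outer == "any"
    return ipaddress.ip_network(inner).subnet_of(ipaddress.ip_network(outer))

def first_match(src, dst, iface, rules=RULES):
    """First terminating rule for a packet. Simplification: divert is non-terminal
    (natd reinjects at the next rule) and address rewriting is not modelled."""
    for r in map(parse, rules):
        if (r["action"] != "divert" and r["via"] in (None, iface)
                and covers(r["src"], src) and covers(r["dst"], dst)):
            return r["text"]
    return None

def shadowed(rules=RULES):
    """Rules that can never fire: an earlier terminating rule matches a superset."""
    parsed, dead = [parse(r) for r in rules], []
    for n, r in enumerate(parsed):
        if any(e["action"] != "divert" and e["via"] in (None, r["via"])
               and covers(e["src"], r["src"]) and covers(e["dst"], r["dst"])
               for e in parsed[:n]):
            dead.append(r["text"])
    return dead

if __name__ == "__main__":
    # Constructed packets (documentation addresses); "em1" is a hypothetical second NIC.
    for pkt in [("192.0.2.10", "127.0.0.1", "fxp0"), ("192.0.2.10", "127.0.0.1", "em1")]:
        print(pkt, "->", first_match(*pkt))
    print("never reached:", shadowed())
```

On this ruleset only the final `deny ip from any to any` is shadowed, and loopback-destined traffic crossing fxp0 is accepted by the `via fxp0` allow before the logging deny is reached.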

