Date: Thu, 27 Jan 2000 00:16:55 -0800
From: The Mad Scientist <madscientist@thegrid.net>
To: freebsd-security@freebsd.org
Subject: Re: Riddle me this
Message-ID: <4.1.20000127000531.0096ab30@mail.thegrid.net>
In-Reply-To: <200001270355.UAA01355@lariat.lariat.org>

At 08:55 PM 1/26/00 -0700, you wrote:
>Jan 26 15:23:49 victim natd[125]: failed to write packet back (No route to host)
>
>Maybe I'm just dense this evening and the cause of the message is obvious, but
>I can't figure out what would have generated this message. The system has a
>static default route to the upstream ISP's router.
>
>Is this a side effect of the rules I added? Or of something else?
>
>--Brett Glass

This is an entirely different issue AFAIK. If you see some correlation, change the rules to

00049 deny log ip from 224.0.0.0/4 to any via any
00050 deny log ip from any to 224.0.0.0/4 via any

and see if you get any messages in syslog just before the failure messages.

Natd on my router has gone out to lunch like this a few times in the year or so that I have been running. I am not sure what caused it -- possibly me hammering the connection (and my poor no-math-coprocessor-having 486 firewall) or my upstream router deciding that it didn't like my traffic for a while. I have an inkling that it was Pac Bell's routers, but I can not confirm that. I'm waiting for it to do that again, so I can truss natd or test the connection on my Windows machine.

At any rate, I like logging on most of my deny rules. You see all kinds of neat stuff even on a home DSL connection.

-Dean

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
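
An added example, not part of the original message: one way to run the check suggested above, listing hits on deny rules 49 and 50 that syslog recorded shortly before each natd write failure. The ipfw log line layout, the sample addresses, the interface name and the 5-second window are assumptions; only the natd line comes from the thread.

```python
import re
from datetime import datetime, timedelta

# Constructed sample syslog text. Only the natd message is from the thread;
# the ipfw lines (assumed layout), addresses and interface are made up.
SAMPLE = """\
Jan 26 15:20:02 victim /kernel: ipfw: 49 Deny UDP 192.0.2.10:1029 224.0.0.1:1029 in via ed0
Jan 26 15:23:47 victim /kernel: ipfw: 50 Deny UDP 10.0.0.5:520 224.0.0.9:520 out via ed0
Jan 26 15:23:49 victim natd[125]: failed to write packet back (No route to host)
Jan 26 16:40:00 victim natd[125]: failed to write packet back (No route to host)
"""

LINE = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ (.*)$")
DENY = re.compile(r"ipfw: (\d+) Deny ")
NATD_FAIL = re.compile(r"natd\[\d+\]: failed to write packet back")


def parse_ts(text, year=2000):
    # syslog timestamps carry no year, so one has to be supplied.
    return datetime.strptime(f"{year} {text}", "%Y %b %d %H:%M:%S")


def correlate(log_text, window_seconds=5, rules=(49, 50)):
    """For each natd write failure, return the logged hits on the given
    deny rules that occurred within window_seconds before it."""
    window = timedelta(seconds=window_seconds)
    denies = []   # (timestamp, raw line) for matching deny-rule hits
    results = []  # (failure timestamp, [deny lines just before it])
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        ts, rest = parse_ts(m.group(1)), m.group(2)
        hit = DENY.search(rest)
        if hit and int(hit.group(1)) in rules:
            denies.append((ts, raw))
        elif NATD_FAIL.search(rest):
            near = [line for t, line in denies
                    if timedelta(0) <= ts - t <= window]
            results.append((ts, near))
    return results


if __name__ == "__main__":
    for when, near in correlate(SAMPLE):
        print(when.strftime("%b %d %H:%M:%S"), "natd failure,",
              len(near), "multicast deny hit(s) just before")
        for line in near:
            print("   ", line)
```

A failure with no preceding deny hits, like the second one in the sample, points away from the multicast rules as the cause.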