Date: Fri, 23 Nov 2001 13:08:27 -0500 (EST) From: Paul Miseiko <teardrop@teardrop.ca> To: Peter Ross <petros@pps.de> Cc: freebsd-security@FreeBSD.ORG Subject: Re: natd: failed to write packet back (Permission denied) Message-ID: <20011123130628.P18084-100000@teardrop.ca> In-Reply-To: <200111231146.MAA24434@aprilsonne.pps.de>
next in thread | previous in thread | raw e-mail | index | archive | help
I get that message sometimes myself. In my case it has to do with my
insane firewall. Between the NATd and the Internal Network, all proto and
port ranges are passed/allowed. While, between the NATd and the External
Network (internet) very few outbound and even fewer inbound port(s) are
allowed. If I drop all my firewall rules and just do diverting and
passing of all traffic between all interfaces the error goes away;
However, do too my paranoid nature I'll be living with that error instead
(*^_^*)
Paul Miseiko /\/ esoteric@EFNet
/\/ http://teardrop.ca
On Fri, 23 Nov 2001, Peter Ross wrote:
> Hi,
>
> last month I installed a working (AFAIK;-) firewall using FreeBSD 4.4, ipfw
> and natd.
>
> Sometimes I get a message:
>
> > Nov 22 17:31:25 tor natd[456]: failed to write packet back (Permission
> > denied)
> > Nov 22 17:31:58 tor last message repeated 6 times
>
> There are approximately 30 packets per day causing this message.
>
> I can't find a corresponding message in the ipfw-logs.
>
> While my firewall continues to work, my former FreeBSD 3.x firewall stopped
> in this case from time to time.
>
> Should I be worried? I hope there isn't a mistake in the ipfw rules..
>
> Thanks for advice
> Peter Ross
>
> *******************************************************
> Dipl.Inf. Peter Ross Mail: petros@pps.de
> Presse Programm Service Berlin - Systems administration
> *******************************************************
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011123130628.P18084-100000>