From owner-freebsd-stable Mon Nov 13 21:58:16 2000 Delivered-To: freebsd-stable@freebsd.org Received: from dega.daemonium.com (dega.daemonium.com [204.138.50.74]) by hub.freebsd.org (Postfix) with ESMTP id 97D8E37B479 for ; Mon, 13 Nov 2000 21:58:14 -0800 (PST) Received: by dega.daemonium.com (Postfix, from userid 1000) id A95B334AB; Tue, 14 Nov 2000 00:58:07 -0500 (EST) Date: Tue, 14 Nov 2000 00:58:07 -0500 From: Peter Philipp To: Rod Taylor Cc: chat@gtabug.org, freebsd-stable@freebsd.org Subject: Re: gtabug - Problems with Firewall???? Message-ID: <20001114005807.C25362@daemonium.com> References: <3A10A8AE.7AD404EA@zort.on.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0.1i In-Reply-To: <3A10A8AE.7AD404EA@zort.on.ca>; from rbt@zort.on.ca on Mon, Nov 13, 2000 at 09:51:26PM -0500 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, Nov 13, 2000 at 09:51:26PM -0500, Rod Taylor wrote: > Needless to say, it's something weird with IPF, Nat, and SSH on both > ends of the connection through the previous two... Removing either IPF > or Nat does the trick, as does making one connection non-freebsd (or > atleast non-openssh). Well I'd just get rid of the IPF rules if it's either Nat or IPF. On another note have you tried changing from DSA keys to RSA keys and switching encryption algorithms? Finally perhaps ssh -v will give you better results in trying to debug this problem. At last perhaps you can get a tcpdump of what it's doing just before it hangs (a good thing to keep track of is window updates and negotiations as well). Hope that helps any, -- - - Peter Philipp Daemonium To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message