From owner-freebsd-ipfw@FreeBSD.ORG Mon Feb 17 21:20:09 2014 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 87CDB44C for ; Mon, 17 Feb 2014 21:20:09 +0000 (UTC) Received: from secure.freebsdsolutions.net (secure.freebsdsolutions.net [69.55.234.48]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 65E97122F for ; Mon, 17 Feb 2014 21:20:09 +0000 (UTC) Received: from [10.10.1.198] (office.betterlinux.com [199.58.199.60]) (authenticated bits=0) by secure.freebsdsolutions.net (8.14.4/8.14.4) with ESMTP id s1HLK5q4083657 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Mon, 17 Feb 2014 16:20:06 -0500 (EST) (envelope-from lists@jnielsen.net) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 7.1 \(1827\)) Subject: Re: something is wrong after 9.2 to 10.0 From: John Nielsen In-Reply-To: <20140215.123424.159647737.toshi@ruby.ocn.ne.jp> Date: Mon, 17 Feb 2014 14:20:20 -0700 Content-Transfer-Encoding: quoted-printable Message-Id: <845B3D92-A997-4872-AFBB-BCC23D96CD10@jnielsen.net> References: <20140215.123424.159647737.toshi@ruby.ocn.ne.jp> To: SAITOU Toshihide X-Mailer: Apple Mail (2.1827) X-DCC-Etherboy-Metrics: ns1.jnielsen.net 1002; Body=2 Fuz1=2 Fuz2=2 X-Virus-Scanned: clamav-milter 0.97.8 at ns1.jnielsen.net X-Virus-Status: Clean Cc: freebsd-ipfw@freebsd.org X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Feb 2014 21:20:09 -0000 On Feb 14, 2014, at 8:34 PM, SAITOU Toshihide = wrote: > I'm using FreeBSD as desktop and also using as nat gateway. > After update from 9.2 to 10.0, some network problem occurs > on this desktop machine's environment. >=20 > - Sometimes email transmission failed with > `stat=3DDeferred: 452', maybe when the size is large. >=20 > - Firefox failed to post a form of web page on https. >=20 > - Cadaver is no longer able to put file. >=20 > But if I delete the following rule, the problem don't occur. >=20 > 00050 352686 304039811 nat 123 ip4 from any to any via alc0 >=20 > And the related rc.conf entry is here: >=20 > firewall_enable=3D"YES" > firewall_type=3D"open" > firewall_quiet=3D"NO" > firewall_logging=3D"YES" > firewall_nat_enable=3D"YES" > firewall_nat_interface=3D"alc0" >=20 > Is there any clue? I saw a similar problem when using NAT on a TSO-enabled interface in = FreeBSD 10. Try running "ifconfig alc0 -tso" and/or adding "-tso" to the = ifconfig_alc0 entry in your /etc/rc.conf. See also the related entry in = the BUGS section at the end of ipfw(8) man page. JN