Date:      Wed, 24 Mar 1999 15:33:49 -0800
From:      tront@cs.sfu.ca
To:        Brian Somers <brian@Awfulhak.org>
Cc:        freebsd-questions@FreeBSD.ORG
Subject:   Re: natd problem 
Message-ID:  <3.0.3.32.19990324153349.00a189c0@cs.sfu.ca>
In-Reply-To: <199903242216.WAA05275@keep.lan.Awfulhak.org>
References:  <Your message of "Wed, 24 Mar 1999 13:18:01 PST."             <3.0.3.32.19990324131801.00a11890@cs.sfu.ca>

At 10:16 PM 3/24/99 +0000, Brian Somers wrote:
>Perhaps ``options DIVERT'' isn't built into your kernel ?  Otherwise, 
>maybe natd is listening to a different divert port from the one ipfw 
>is telling the firewall to use.

Nope.  Like I said, we did everything in the 'Running Natd' portion of the
natd man page including rebuilding the kernel.  Do you have any other
suggestions?  Russ.
>
>> I am a university instructor of a network admin course that has been using
>> FreeBSD unix for 2 years, we are currently using 2.2.7.  We are trying natd
>> for the first time ever.  And after checking all available documentation we
>> are stumped as to why we can't even ping one hop from the gateway to a
>> public network machine while natd is running.
>> We have followed the instructions on the man page exactly!
>> We can ping from the internal machine to the gateway and vice versa.  But
>> not through the gateway to the public network.  And more interestingly, not
>> even from the gateway machine to the public network (one hop!).  When we
>> kill natd and remove the divert firewall rule, ping is successful in all
>> ways, including relay through the gateway, so the connectivity and routing
>> is good.
>> 
>> The divert rule firewall timestamp is showing that it is being used at the
>> time we attempt to ping, so the firewall is running.  And the firewall
>> only has the specified 2 rules plus the final 65535 deny rule.   Also, we
>> found that running natd in verbose mode generated no error messages.  And
>> running in log mode didn't seem to generate any log in alias.log.
>> 
>> We have spent hours on this, and are beginning to disagree with the man
>> page that states "Running natd is fairly straight forward".  Can you give
>> us another pointer or two on where to look for some error in our setup.
>> 
>> Thanks VERY much,
>> Russ Tront, Instructor
>> School of Computer Science
>> Simon Fraser University
>> Burnaby, B.C.  V5A 1S6
>> Canada.
>
>-- 
>Brian <brian@Awfulhak.org> <brian@FreeBSD.org> <brian@OpenBSD.org>
>      <http://www.Awfulhak.org>
>Don't _EVER_ lose your sense of humour !
>
>
>
>
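
The divert-port comparison suggested in the quoted reply, as an added example that is not part of the original thread or of the FreeBSD tools: it checks whether any divert rule in `ipfw list` output targets the port natd would open. The function names and the sample rule set, command line and services entry are constructed; it assumes natd falls back to the service name `natd` when no `-port`/`-p` is given, as natd(8) describes.

```shell
#!/bin/sh
# Constructed sample data (not taken from the thread).
SERVICES='natd            8668/divert  # Network Address Translation'
IPFW_LIST='00100 divert 8668 ip from any to any via ed0
00200 allow ip from any to any
65535 deny ip from any to any'

# Print the port token of every divert rule in "ipfw list" output on stdin.
rule_divert_ports() {
    awk '{ for (i = 2; i < NF; i++) if ($i == "divert") print $(i + 1) }'
}

# Resolve a port name through services(5)-format text; numbers pass through.
resolve_port() {  # $1 = name or number, $2 = services text
    case "$1" in
        ''|*[!0-9]*) ;;
        *) echo "$1"; return 0 ;;
    esac
    printf '%s\n' "$2" | awk -v n="$1" '
        $1 == n && $2 ~ /\/divert$/ { sub(/\/.*/, "", $2); print $2; exit }'
}

# Extract natd's divert port from its command line; assumed default is the
# service name "natd" when neither -port nor -p is given.
natd_port() {  # $1 = natd command line
    set -- $1
    while [ $# -gt 0 ]; do
        case "$1" in
            -port|-p) echo "$2"; return 0 ;;
        esac
        shift
    done
    echo natd
}

# Succeeds when some divert rule targets the port natd listens on.
check_divert_match() {  # $1 = ipfw list text, $2 = natd cmdline, $3 = services
    want=$(resolve_port "$(natd_port "$2")" "$3")
    [ -n "$want" ] || { echo "natd port unresolved"; return 2; }
    for p in $(printf '%s\n' "$1" | rule_divert_ports); do
        [ "$(resolve_port "$p" "$3")" = "$want" ] && { echo "match on $want"; return 0; }
    done
    echo "mismatch: natd on $want, no divert rule for it"
    return 1
}

check_divert_match "$IPFW_LIST" "natd -interface ed0" "$SERVICES"
```

On a live gateway the three arguments would come from `ipfw list`, the running natd command line and `/etc/services`.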