From owner-freebsd-questions Thu Feb 22 1:24:15 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mailhost01.reflexnet.net (mailhost01.reflexnet.net [64.6.192.82]) by hub.freebsd.org (Postfix) with ESMTP id F41C437B401 for ; Thu, 22 Feb 2001 01:24:12 -0800 (PST) (envelope-from cjc@rfx-216-196-73-168.users.reflexcom.com) Received: from rfx-216-196-73-168.users.reflexcom.com ([216.196.73.168]) by mailhost01.reflexnet.net with Microsoft SMTPSVC(5.5.1877.197.19); Thu, 22 Feb 2001 01:19:07 -0800 Received: (from cjc@localhost) by rfx-216-196-73-168.users.reflexcom.com (8.11.1/8.11.1) id f1M9KdJ90767; Thu, 22 Feb 2001 01:20:39 -0800 (PST) (envelope-from cjc) Date: Thu, 22 Feb 2001 01:20:37 -0800 From: "Crist J. Clark" To: Kathy Quinlan Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Natd errors Message-ID: <20010222012037.F89396@rfx-216-196-73-168.users.reflex> Reply-To: cjclark@alum.mit.edu References: <00f901c09c73$7e036e20$fe00a8c0@kat.lan> <007001c09c81$9de33000$0d01a8c0@casystems.net> <001001c09c82$9980a3c0$fe00a8c0@kat.lan> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <001001c09c82$9980a3c0$fe00a8c0@kat.lan>; from katinka@magestower.com on Thu, Feb 22, 2001 at 11:50:27AM +0800 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, Feb 22, 2001 at 11:50:27AM +0800, Kathy Quinlan wrote: > I have the following option in my kernel : > > options IPFIREWALL_VERBOSE > > but I still do not see which rule is causing it > > any ideas ? You did put the 'log' key word in the suspect 'deny' rules? > or is their a log file somewhere that logs these errors ? > or can I redirect these errors to a file, as all I get in /va/log/messages > and on the console is the natd104 error and not a rule # responsible. The log information generated by ipfw is sent to syslog as security.info. > also is their a list of error messages anywhere ? You can often find out what an error message for a specific program means on it manpage or other documentation. Frankly, there are wa-ay too many to put all errors that any program could produce in one place. > like if I get an error how do I find what it is as like the natd104 was not > very helpful. Here was the log entry you gave (format recovered), > > > Feb 22 10:00:05 serverbsd natd[104]: failed to write packet back (Permission denied) \_____________/ \_______/ \__/ \_/ \_____... date and time host | | message program | PID 'natd' is the program that sent the message and '104' its process ID number. -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message