Date: Fri, 24 Sep 1999 10:20:29 -0500 From: "Vaevictus Asmadi" <vaevictus@socket.net> To: <freebsd-isp@freebsd.org> Subject: big problem with NATD. NEED SUGGESTIONS! Message-ID: <NDBBIOANCLGLNFOCLGEOKECHCBAA.vaevictus@socket.net>
next in thread | raw e-mail | index | archive | help
NATD apparently is either crashing or not initializing properly. Here's my situation... I'm offering a Filtered service now... first of all, i assign all filtered accounts a particular set of ips... (unregistered ips) and block them from the internet. They can then get to all of our local equipment, two machines of which are important... 1. Proxy server. 2. Filtered-proxy server. I've had natd running on the proxy server so if anyone from the filtered ips connects to it, it's automatically forwarded to the netfilter server... This allows all of our customers to be either filtered or not based on which account they authenticate with. This has been working... so i get to work today and am told that, in symtom descriptions, that natd is not working... So ... I check the processes and everything important is running... Has anyone had an issue with NATD locking up? Vaevictus Technical info... ps info: 542 ?? Ss 0:00.40 natd -n xl0 -redirect_address 216.106.1.24 0.0.0.0 -m -l (216.106.1.24 is the filtered-proxy server) Relevant Kernel conf: #added for NATD translation --09/02/99 n8 ### options IPFIREWALL options IPFIREWALL_VERBOSE options "IPFIREWALL_VERBOSE_LIMIT=100" options IPFIREWALL_DEFAULT_TO_ACCEPT options IPDIVERT bash-2.03# cat /etc/rc.firewall # # /sbin/ipfw -f flush # ^^ initialize it /sbin/ipfw add divert natd all from 172.16.0.0:255.255.0.0 to any via xl0 #/sbin/ipfw add divert natd all from 216.106.0.22 to any via xl0 /sbin/ipfw add divert natd all from 216.106.1.24 to any via xl0 # ^^ divert to network address translation daemon all from my workstation /sbin/ipfw add pass all from any to any # ^^ allows all else # in rc.conf # -- Added N8 09/2/99 for netfilter/proxy decisions based on ip -- # firewall_enable="YES" # Set to YES to enable firewall functionality firewall_script="/etc/rc.firewall" # Which script to run to set up the firewall firewall_type="open" # Firewall type (see /etc/rc.firewall) firewall_quiet="YES" # Set to YES to suppress rule display natd_enable="YES" # Enable natd (if firewall_enable == YES). gateway_enable="YES" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?NDBBIOANCLGLNFOCLGEOKECHCBAA.vaevictus>