From owner-freebsd-questions Wed Nov 15 17:49: 6 2000 Delivered-To: freebsd-questions@freebsd.org Received: from shalimar.net.au (shalimar.net.au [198.142.161.98]) by hub.freebsd.org (Postfix) with ESMTP id A0CE837B479 for ; Wed, 15 Nov 2000 17:48:56 -0800 (PST) Received: from shalimar.net.au (localhost [127.0.0.1]) by shalimar.net.au (8.11.1/8.11.1) with SMTP id eAG1mqb45247 for ; Thu, 16 Nov 2000 12:48:53 +1100 (EST) (envelope-from count@shalimar.net.au) From: Zero Sum Organization: Tobacco Chewers and Body Painters Association. Date: Thu, 16 Nov 2000 12:48:52 +1100 X-Mailer: KMail [version 1.1.99] Content-Type: text/plain; charset="iso-8859-1" To: freebsd-questions@FreeBSD.ORG Subject: ipfw/natd relationship broken? MIME-Version: 1.0 Message-Id: <0011161248520L.43667@shalimar.net.au> Content-Transfer-Encoding: 8bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG -----BEGIN PGP SIGNED MESSAGE----- This used to work. Has this been broken too? /root #uname -a FreeBSD shalimar.net.au 4.2-BETA FreeBSD 4.2-BETA #0: Thu Nov 9 08:22:44 EST 2000 root@shalimar.net.au:/usr/obj/usr/src/sys/SHALIMAR i386 extract from ipfw log: Nov 16 11:56:59 shalimar /kernel: ipfw: 600 Deny TCP 207.46.232.17:80 192.168.1.3:1047 in via tun0 Nov 16 11:57:00 shalimar /kernel: ipfw: 600 Deny TCP 207.46.232.17:80 192.168.1.3:1052 in via tun0 Nov 16 11:57:49 shalimar /kernel: ipfw: 600 Deny TCP 208.184.4.152:80 192.168.1.3:1048 in via tun0 Nov 16 11:58:32 shalimar /kernel: ipfw: 600 Deny TCP 208.184.4.152:80 192.168.1.3:1051 in via tun0 Nov 16 11:59:24 shalimar /kernel: ipfw: 600 Deny TCP 207.46.232.17:80 192.168.1.3:1052 in via tun0 Nov 16 12:00:10 shalimar /kernel: ipfw: 600 Deny TCP 208.184.4.152:80 192.168.1.3:1055 in via tun0 Rule 600: 00600 deny log logamount 100 ip from any to 192.168.0.0/16 via tun0 Running ethereal shows that the packets coming in the tun0 i/f are correctly adressed to *me* not my local network. The address is translated and then rejected rather than being passed and then translated, or so it seems. What have I got wrong? secondly, I have recompiled my kernel several times, but the #n has neve gone up. What is supposed to increase the numeric? Geoff -- count@shalimar.net.au Nihil curo de ista tua stulta superstitione -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use MessageID: HfWf7AisTWQdD/HurjNT7GPd/+3zkMss iQA/AwUBOhM9BPh4xz7LU/evEQISLgCgjOzd0v/EJrFm+90rCfOKOkGC/MgAnjSb uDFnsTSI1KbhsD4dXq+yaDH6 =E6Oy -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message