Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 16 Nov 2000 12:48:52 +1100
From:      Zero Sum <count@shalimar.net.au>
To:        freebsd-questions@FreeBSD.ORG
Subject:   ipfw/natd relationship broken?
Message-ID:  <0011161248520L.43667@shalimar.net.au>
next in thread | raw e-mail | index | archive | help 
-----BEGIN PGP SIGNED MESSAGE-----


This used to work.  Has this been broken too?

/root #uname -a
FreeBSD shalimar.net.au 4.2-BETA FreeBSD 4.2-BETA #0: Thu Nov  9 08:22:44
EST 2000     root@shalimar.net.au:/usr/obj/usr/src/sys/SHALIMAR  i386

extract from ipfw log:
Nov 16 11:56:59 shalimar /kernel: ipfw: 600 Deny TCP 207.46.232.17:80
192.168.1.3:1047 in via tun0
Nov 16 11:57:00 shalimar /kernel: ipfw: 600 Deny TCP 207.46.232.17:80
192.168.1.3:1052 in via tun0
Nov 16 11:57:49 shalimar /kernel: ipfw: 600 Deny TCP 208.184.4.152:80
192.168.1.3:1048 in via tun0
Nov 16 11:58:32 shalimar /kernel: ipfw: 600 Deny TCP 208.184.4.152:80
192.168.1.3:1051 in via tun0
Nov 16 11:59:24 shalimar /kernel: ipfw: 600 Deny TCP 207.46.232.17:80
192.168.1.3:1052 in via tun0
Nov 16 12:00:10 shalimar /kernel: ipfw: 600 Deny TCP 208.184.4.152:80
192.168.1.3:1055 in via tun0

Rule 600:
00600  deny log logamount 100 ip from any to 192.168.0.0/16 via tun0

Running ethereal shows that the packets coming in the tun0 i/f are
correctly adressed to *me* not my local network.  The address is translated
and then rejected rather than being passed and then translated, or so it
seems.  What have I got wrong?

secondly, I have recompiled my kernel several times, but the #n has neve
gone up. What is supposed to increase the numeric?

Geoff
--
count@shalimar.net.au
Nihil curo de ista tua stulta superstitione

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
MessageID: HfWf7AisTWQdD/HurjNT7GPd/+3zkMss

iQA/AwUBOhM9BPh4xz7LU/evEQISLgCgjOzd0v/EJrFm+90rCfOKOkGC/MgAnjSb
uDFnsTSI1KbhsD4dXq+yaDH6
=E6Oy
-----END PGP SIGNATURE-----


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0011161248520L.43667>