From owner-freebsd-questions Thu Sep 3 16:21:01 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id QAA15470 for freebsd-questions-outgoing; Thu, 3 Sep 1998 16:21:01 -0700 (PDT) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from icarus.reshall.berkeley.edu (icarus.Reshall.Berkeley.EDU [169.229.87.90]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id QAA15456 for ; Thu, 3 Sep 1998 16:20:58 -0700 (PDT) (envelope-from leonardc9@usa.net) Received: from [10.0.0.2] (power.leonard.com [10.0.0.2]) by icarus.reshall.berkeley.edu (8.8.8/8.8.8) with ESMTP id QAA28294 for ; Thu, 3 Sep 1998 16:25:42 -0700 (PDT) (envelope-from leonardc9@usa.net) Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Sender: leonardc@uclink4.berkeley.edu Message-Id: X-mailer: Eudora Pro 4.0.1 Macintosh Date: Thu, 3 Sep 1998 16:24:57 -0700 To: questions@FreeBSD.ORG From: "Leonard C." Subject: Bad Ethernet card? and IPFW set up Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I'm a bit of a newbie so please bear with me if I'm missing something obvious here. :-) Besides that however, I'd like to say that you all have done a great job and other than a few problems, everything has been working great with FreeBSD! I've scrounged up an old 386-DX20 to use for NAT as I only have one IP address and would like to serve multiple computers. In the computer, I installed 2 ethernet cards, natd, and followed the instructions on how to set it up. Everything is working great, however, I've noticed that I get intermittent error messages in my log. ed1 is the card connecting to the outside campus network, and ed0 is for my internal network. bash-2.02$ tail /var/log/messages Sep 1 18:01:17 icarus /kernel: ed1: device timeout Sep 1 20:27:07 icarus arpwatch: new station 169.229.87.128 0:80:c8:4d:c8:dd Sep 1 20:35:10 icarus /kernel: ed1: NIC memory corrupt - invalid packet length 2076 Sep 1 21:06:40 icarus ftpd[18807]: ANONYMOUS FTP LOGIN REFUSED FROM gri-87-78.R eshall.Berkeley.EDU Sep 1 21:37:53 icarus /kernel: ed1: device timeout Sep 1 21:42:49 icarus /kernel: ed1: NIC memory corrupt - invalid packet length 2051 Sep 1 22:01:21 icarus /kernel: ed1: NIC memory corrupt - invalid packet length 2106 Sep 1 22:04:27 icarus /kernel: ed1: device timeout Sep 1 22:05:22 icarus /kernel: ed1: NIC memory corrupt - invalid packet length 2298 Sep 1 22:07:47 icarus /kernel: ed1: NIC memory corrupt - invalid packet length 2157 Sep 1 22:51:04 icarus /kernel: ed1: NIC memory corrupt - invalid packet length 2079 bash-2.02$ uptime 4:19PM up 3 days, 4:13, 1 user, load averages: 0.00, 0.02, 0.00 bash-2.02$ netstat -i Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll ed0 1500 00.80.c8.0a.2f.c3 170504 12 208012 0 58 ed0 1500 10 sandbox.leonard 170504 12 208012 0 58 ed1 1500 00.80.ad.73.eb.fe 12751130 9481366 185136 5 14601 ed1 1500 169.229.87/24 icarus 12751130 9481366 185136 5 14601 lp0* 1500 0 0 0 0 0 tun0* 1500 0 0 0 0 0 sl0* 552 0 0 0 0 0 ppp0* 1500 0 0 0 0 0 lo0 16384 265 0 265 0 0 lo0 16384 your-net localhost.Berke 265 0 265 0 0 Does anybody know what may be causing this? It seems as though there are a heck of a lot of input errors. ed1 is an NE2000 clone, while ed0 is a NE1000 clone. Also, what sort of IPFW rules should I use to prevent others not on my internal network (using the 10.0.0.0/24 address block) from using my computer as a gateway? I'd also like the computer to log any rejected packets. I've recompiled my kernel with IPFIREWALL_VERBOSE, but when the computer starts up, it still says that logging is disabled (and strangely, it says divert is also). What am I doing wrong? Thanks in advance for any help and keep up the good work! Leonard -- Support the Blue Ribbon Campaign for free speech online () http://www.eff.org/blueribbon.html /\ "Those who will not reason perish in the act. Those who will not act, perish for that reason." - W. H. Auden To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message