Message-ID: <3F833434.5090506@tenebras.com>
Date: Tue, 07 Oct 2003 14:46:28 -0700
From: Michael Sierchio
To: freebsd-ipfw@FreeBSD.ORG
Subject: Strange leakage of private source addresses w/ipfw and natd
List-Id: IPFW Technical Discussions

This doesn't have a (user-) noticeable impact on traffic, but installing a silent network recorder outside my firewall shows that some RFC 1918 addrs are getting through.

My suspicion is that this has to do with my use of both static and dynamic nat, but I can't be sure. I also need to instrument my ruleset so I see which rule is allowing the traffic -- I'm a bit puzzled.

I'll post details when I've got them, but I'm wondering if anyone else has seen this?

Cheers,

Michael