Date: Sun, 25 Mar 2001 21:51:02 -0800 From: Robin Lo <asailcat@yahoo.com> To: freebsd-questions@FreeBSD.ORG Subject: Reply NAT questions, sorry attached are my rc.conf file and ipnat.rules file Message-ID: <5.0.2.1.0.20010325214801.00a45ec0@pop.mail.yahoo.com>
next in thread | raw e-mail | index | archive | help
--=====================_515832327==_ Content-Type: text/plain; charset="us-ascii"; format=flowed >Please read through the message. Any suggestions would be much >appreciated....Thanks > >Personally, I generally use the kernel ipfilter interface that installs >with FreeBSD and I'm not terribly familiar with the ipnat system. > >-Bill > >Robin Lo wrote: > > > > Thanks Bill for the quick response. Your reply solves the problem with the > > messages being displayed, however I am still unable to get to the internet > > with my internal boxes. I can't surf the internet when I configure an > > internal client with eg 10.0.0.1/8 and with a subnet mask of > > 255.0.0.0. Please take a look at my conf files. > > > > ***Attached is my rc.conf and ipnat.rules files. Please take a look and > > let me know what you find. Thanks for your help. Robin > > > > Port 138 is netbios stuff. Typical Micros~1 broadcast traffic. The > > solution is to remove all the Windows-based machines from you network. > > Barring that, I'd program your NAT box with a firewall that rejects or > > drops those packets. Or you could just ignore it or program ipnat not to > > complain about it. It's probably just the Micros~1 machines making sure > > everyone else on the network knows they're there every 15 seconds or > > whatever the default interval is. I believe on some of the Micros~1 > > boxes you can turn of "lanmanager annoucements" or other such broadcast > > options to reduce this traffic. > > > > -Bill > > > > Robin Lo wrote: > > > > > > Hello, > > > > > > I have set up FreeBSD 4.2 to be used for NAT. I have 2 NIC cards > > > configured for the network. The internal network is configured > > > with--10.0.0.0/8, and the second NIC with it's ISP default settings. > > > The external NIC has been tested. I am able to ping to the outside > > > world. I support an internal network with an NT2000 Server used for > > > DNS, DHCP, and Active Directory services supporting serveral Windows > > > /Pro/NT40/ and 98 clients. When running the NAT box i get > > > these messages that appear accross the screen. It occurs while > > > working in vi or any other programs. > > > > > > March 24 03:36:39 firewall /kernel: Connection attempt to UDP > > > 64.160.131.xx9:138 from 64.160.131.xx8:138 > > > > > > March 24 03:36:39 firewall /kernel: Connection attempt to UDP > > > 10.255.255.255:138 from 10.10.1.1:138 > > > > > > March 24 03:36:39 firewall /kernel: Connection attempt to UDP > > > 10.255.255.255:138 from 10.10.1.3:138 > > > > > > March 24 03:58:38 firewall last message repeated 2 times > > > > ------------------------------------------------------------------------ > > Name: rc.conf.new > > rc.conf.new Type: unspecified type (application/octet-stream) > > Encoding: base64 > > > > Name: ipnat.rules > > ipnat.rules Type: unspecified type (application/octet-stream) > > Encoding: base64 --=====================_515832327==_ Content-Type: application/octet-stream; name="rc.conf.new" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="rc.conf.new" I1N0YXJ0dXAgc2NyaXB0cwpsb2NhbF9zdGFydHVwPSIvdXNyL2xvY2FsL2V0Yy9yYy5kIgoKI0Jh c2ljIG5ldHdvcmsgb3B0aW9ucwpob3N0bmFtZT0iZmlyZXdhbGwudXNhc3BvcnRzcGljayIKbmV0 d29ya19pbnRlcmZhY2VzPSJsbzAgeGwwIHhsMSIgCmlmY29uZmlnX2xvMD0iaW5ldCAxMjcuMC4w LjEiCQppZmNvbmZpZ194bDA9ImluZXQgNjQuMTYwLjEzMS54eDcgbmV0bWFzayAyNTUuMjU1LjI1 NS54eCIgCmlmY29uZmlnX3hsMT0iaW5ldCAxMC4wLjAuMSBuZXRtYXNrIDI1NS4wLjAuMCIgCmRl ZmF1bHRyb3V0ZXI9IjY0LjE2MC4xMzEueHh4IgoKI0ZpcmV3YWxsL3NlY3VyaXR5IG9wdGlvbnMK aXBmaWx0ZXJfZW5hYmxlPSJZRVMiCiNpcGZpbHRlcl9wcm9ncmFtPSIvc2Jpbi9pcGYgLUZhIC1m IgkjIFB1cmdlIGlwZiBhbmQgbWFrZSBhbGwgaW5zdGFsbCBjbGVhbgppcGZpbHRlcl9ydWxlcz0i L2V0Yy9pcGYucnVsZXMiCmlwZmlsdGVyX2ZsYWdzPSIiCmlwbmF0X2VuYWJsZT0iWUVTIgppcG5h dF9ydWxlcz0iL2V0Yy9pcG5hdC5ydWxlcyIKaXBtb25fZW5hYmxlPSJZRVMiCQkJCQkKaXBtb25f ZmxhZ3M9Ii1EIC92YXIvbG9nL2lwZmxvZyIKbG9nX2luX3ZhaW49IllFUyIKdGNwX2Ryb3Bfc3lu ZmluPSJZRVMiCQkKdGNwX3Jlc3RyaWN0X3JzdD0iWUVTIgkJCmljbXBfZHJvcF9yZWRpcmVjdD0i WUVTIgppY21wX2xvZ19yZWRpcmVjdD0iWUVTIgoKI05ldHdvcmsgZGFlbW9uIG9wdGlvbnMKI3Nz aGRfZW5hYmxlPSJOTyIJCQkjIExvY2FsIGNvbnNvbGUgYWNjZXNzCiNzc2hkX3Byb2dyYW09Ii91 c3Ivc2Jpbi9zc2hkIgojc3NoZF9mbGFncz0iIgoKI05ldHdvcmsgcm91dGluZyBvcHRpb25zCnN0 YXRpY19yb3V0ZXM9IjAgMSAyIDMiCnJvdXRlXzA9Ii1uZXQgMTAuMC4wLjIgLW5ldG1hc2sgMjU1 LjI1NS4yNTUuMCAtaW50ZXJmYWNlIDY0LjE2MC4xMzEueHg3Igpyb3V0ZV8xPSItbmV0IDEwLjAu MC4zIC1uZXRtYXNrIDI1NS4yNTUuMjU1LjAgLWludGVyZmFjZSA2NC4xNjAuMTMxLnh4NyIKcm91 dGVfMj0iLW5ldCAxMC4wLjAuNCAtbmV0bWFzayAyNTUuMjU1LjI1NS4wIC1pbnRlcmZhY2UgNjQu MTYwLjEzMS54eDciCnJvdXRlXzM9Ii1uZXQgMTAuMC4wLjUgLW5ldG1hc2sgMjU1LjI1NS4yNTUu MCAtaW50ZXJmYWNlIDY0LjE2MC4xMzEueHg3IgoKCiNyb3V0ZV8wPSItbmV0IDEwLjE2MC4wLjAg MTAuMC4xLjEwIC1uZXRtYXNrIDI1NS4yNTUuMC4wIiAKI3JvdXRlXzE9Ii1uZXQgMTAuMTYxLjAu MCAxMC4wLjEuMTAgLW5ldG1hc2sgMjU1LjI1NS4wLjAiCiNyb3V0ZV8yPSItbmV0IDEwLjE2Mi4w LjAgMTAuMC4xLjEwIC1uZXRtYXNrIDI1NS4yNTUuMC4wIgojcm91dGVfMj0iLW5ldCAxMC4xNjIu MC4wIDEwLjAuMS4xMCAtbmV0bWFzayAyNTUuMjU1LjAuMCIKCiNyb3V0ZV8wMD0iIC1uZXQgMTYu NjQuMC4wIC1pbnRlcmZhY2UgNjQuMTYwLjEzMS54eDciCiNyb3V0ZV8xNj0iIC1uZXQgMTYuNjQu MTYuMCAtaW50ZXJmYWNlIDY0LjE2MC4xMzEueHg3Igojcm91dGVfMzI9IiAtbmV0IDE2LjY0LjMy LjAgLWludGVyZmFjZSA2NC4xNjAuMTMxLnh4NyIKCgpnYXRld2F5X2VuYWJsZT0iWUVTIgojcm91 dGVyX2VuYWJsZT0iTk8iCQkjIFNldCB0byBZRVMgdG8gZW5hYmxlIGEgcm91dGluZyBkYWVtb24K I3JvdXRlcj0icm91dGVkIgkJIyBOYW1lIG9mIHJvdXRpbmcgZGFlbW9uIHRvIHVzZSBpZiBlbmFi bGVkCiNyb3V0ZXJfZmxhZ3M9Ii1xIgkJIyBGbGFncyBmb3Igcm91dGluZyBkYWVtb24KI2Zvcndh cmRfc291cmNlcm91dGU9Ik5PIgkjIERvIHNvdXJjZSByb3V0aW5nIChvbmx5IGlmIGdhdGV3YXlf ZW5hYmxlIGlzIHNldCB0byAiWUVTIikKI2FjY2VwdF9zb3VyY2Vyb3V0ZT0iTk8iCSMgQWNjZXB0 IHNvdXJjZSByb3V0ZWQgcGFja2V0cyB0byB1cwoKI1N5c3RlbSBjb25zb2xlIG9wdGlvbnMKc2F2 ZXI9InllcyIgCnNhdmVyPSJmaXJlIgpibGFua3RpbWU9IjIwMCIKCiNNaXNjZWxsYW5lb3VzIGFk bWluaXN0cmF0aXZlIG9wdGlvbnMKY3Jvbl9lbmFibGU9Ik5PIgkJIyAKc2VuZG1haWxfZW5hYmxl PSJOTyIKa2Vybl9zZWN1cmVsZXZlbF9lbmFibGU9IllFUyIKa2Vybl9zZWN1cmVsZXZlbD0iMiIK I2FjY291bnRpbmdfZW5hYmxlPSJOTyIJCSMgQWNjb3VudGluZz8KI2xpbnV4X2VuYWJsZT0iTk8i CQkjIFRyaXB3aXJlPwojc3ZyNF9lbmFibGUiTk8iCQkjIFByYWN0aWNlIFNSVjQgY29tbWFuZHM= --=====================_515832327==_ Content-Type: application/octet-stream; name="ipnat.rules" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="ipnat.rules" bWFwIHhsMCAxMC4wLjAuMC84IC0+IDY0LjE2MC4xMzEueHg3LzMyIHBvcnRtYXAgdGNwL3VkcCAx MDAwMDo2NTAwMAptYXAgeGwwIDEwLjAuMC4wLzggLT4gNjQuMTYwLjEzMS54eDcvMzIKI3JkciB4 bDAgNjQuMTYwLjEzMS54eDcvMzIgcG9ydCA4MCAtPiAxMC4wLjAuMSBwb3J0IDgwIHRjcCAK --=====================_515832327==_-- _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.0.2.1.0.20010325214801.00a45ec0>