From owner-freebsd-questions Sun May 14 6: 9:22 2000 Delivered-To: freebsd-questions@freebsd.org Received: from alumni.ee.ust.hk (alumni.ee.ust.hk [143.89.44.247]) by hub.freebsd.org (Postfix) with SMTP id 69DE837B583 for ; Sun, 14 May 2000 06:09:10 -0700 (PDT) (envelope-from 97Efcw@alumni.ee.ust.hk) Received: from alumni.ee.ust.hk ([61.10.51.8]) by alumni.alumni.ee.ust.hk with SMTP id <8361(2)>; Sun, 14 May 2000 21:07:29 +0800 Message-ID: <391EA5AE.86617E1F@alumni.ee.ust.hk> From: Chris <97Efcw@alumni.ee.ust.hk> Organization: Chrisland X-Mailer: Mozilla 4.72 [en] (Windows NT 5.0; U) X-Accept-Language: en,pdf MIME-Version: 1.0 To: freebsd-questions@FreeBSD.ORG Subject: [Fwd: Found! Re: natd: failed to write packet back] Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Date: Sun, 14 May 2000 21:07:27 +0800 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi all, Thanks for the clues. Sorry that I forgot to check the archive first. After running natd in verbose, I found that my box was trying to connect to 192.168.128.3, which was denied by ipfw. Further investigating found that that ip was given by my ISP during dhcp ("option dhcp-server-identifier 192.168.128.3"). Seems it is time to complain my ISP. By the mean time, it is advisable for me to add a ipfw rule before DIVERT to discard those traffic earlier and to avoid the message? BTW, why can't these information logged in the natd log file? Thanks for help. Chris Glenn Johnson wrote: > > On Sat, May 13, 2000 at 08:29:18PM +0800, Chris wrote: > > > Hi, > > > > I am using a freebsd box as a gateway to connect to internet. It is > > running natd. I find in the /var/log/messages that "natd[13276]: > > failed to write packet back (Permission denied)" quite often. I try > > to enable the log of natd, but nothing special here. I also check my > > firewall log but nothing is denied. Any clues? > > > > The box is running 4.0-stable cvsup'ed month ago. > > I believe there is some discussion of this error in the mail archives so > you may want to check there. > > You do not say what type of firewall you are running, "OPEN, CLIENT, > SIMPLE" as defined in /etc/rc.conf so it could be any number of > things. You could run natd in verbose mode and watch the output so you > can see what natd is doing. There is a good chance that ICMP traffic is > causing the error. > > Hope that helps. > > -- > Glenn Johnson > glennpj@bayouhome.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message