Date: Wed, 29 Jan 1997 09:32:31 +0200 From: Ari Suutari <ari.suutari@ps.carel.fi> To: "'Archie Cobbs'" <archie@whistle.com>, Brian Somers <brian@awfulhak.demon.co.uk> Cc: "hackers@freebsd.org" <hackers@freebsd.org>, "cmott@srv.net" <cmott@srv.net> Subject: RE: ipdivert & masqd Message-ID: <01BC0DC7.5A8AF380@sodium.ps.carel.fi>
next in thread | raw e-mail | index | archive | help
Hi everyone, I had these problems with latest 2.2-SNAP release and maybe, just maybe with 2.2-ALPHA. It was quite simple to reproduce the problem - it occurred every time I opened a TCP connection from the same machine that natd was running on. Everything works well if packets come from different interface and are routed to another. I did some investigations in the kernel land (not being any expert on that), but it seemed like the ip_divert_ignore flag was still set (from processing a outgoing packet) when an incoming packet arrived. I used tcpdump and natd (in verbose mode) at the same time initially to figure out that the problem exists. To set up a testing environment with natd, one could say something like: ipfw flush ipfw add divert 32000 ip from any to any via your-if-name ipfw add pass ip from any to any natd -i 32000 -o 32001 -a your-if-address -v The port 32001 here is a dummy - it is required by the current code in natd. However, it is quite harmess, since no packets are diverted to that port with this setup. Hope this helps, Ari S. -----Original Message----- From: Archie Cobbs [SMTP:archie@whistle.com] Sent: 29. tammikuuta 1997 4:18 To: Brian Somers Cc: hackers@freebsd.org; ari.suutari@ps.carel.fi; cmott@srv.net Subject: Re: ipdivert & masqd > On investigation, he's correct. Tcp & udp return setup packets coming into > the machine with masqd running seem to disappear - masqd sees them, but when > it injects them back into the divert socket they disappear (the app never > sees them). > > This shows itself when you try to initiate a tcp/udp connection through the > divert sockets from the machine running masqd.... a timeout occurs. However, > machines that are having packets forwarded through the masqd machine are fine. > I'll have a look at the divert code and see if I can come up with anything > interresting. Under which version(s) of FreeBSD are you guys having this problem ? I'm trying to track it down... Thanks, -Archie ___________________________________________________________________________ Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01BC0DC7.5A8AF380>