Date: Mon, 10 Dec 2001 11:14:45 +0000
From: Josh Paetzel <friar_josh@webwarrior.net>
To: Mike D <d01f1n@yahoo.com>
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: natd ignores "natd_flags"?
Message-ID: <20011210111445.J1432@twincat.vladsempire.net>
In-Reply-To: <20011210085150.TANF27606.mta05-svc.ntlworld.com@there>; from d01f1n@yahoo.com on Mon, Dec 10, 2001 at 08:51:25AM +0000
References: <20011210075001.JESP3849.mta06-svc.ntlworld.com@there> <20011210085948.B22592@neptune.deep-ocean.local> <20011210085150.TANF27606.mta05-svc.ntlworld.com@there>

On Mon, Dec 10, 2001 at 08:51:25AM +0000, Mike D wrote:
> > [I think this question should be redirected to -questions or -net, but
> > anyway...]
>
> should only programming questions be posted here?
>
> > do you have IPFIREWALL in your kernel ? is it configured "default to
> > deny" ? This is typically what is bugging me when natd fails to write a
> > packet : a nasty firewall rule...
>
> I have an ipfw rules file, the point is I want to log the deny natd messages,
> not see them.
>
> >
> > man ipfw & read the handbook, section networking (correct me if I'm
> > wrong).
>
> I don't think this is an ipfw issue - the failure msg comes from natd, not
> ipfw. Could be wrong of course!
>
> >
> > Olivier
> >
> > On Mon, Dec 10, 2001 at 07:49:37AM +0000, Mike D wrote:
> > > I have in my rc.conf:
> > >
> > > natd_enable="YES"
> > > natd_interface="xl1"
> > > natd_flags="-f /etc/natd.conf"
> > >
> > > and in /etc/natd.conf:
> > >
> > > interface xl1
> > > dynamic yes
> > > use_sockets yes
> > > same_ports yes
> > > log_denied yes
> > >
> > > however, since I am still seeing the "host4 natd[198]: failed to write
> > > packet back (Permission denied)" messages, I'm guessing "log_denied" is
> > > not being picked up.

The logging that the conf file is talking about is logging packets that are
denied by natd. This is not what is happening to you, hence you are seeing
these messages. natd is trying to tell you that something in your
configuration for natd/ipfw is broken. You can adjust syslogd to log them to
/var/log/messages, but it would be much better to fix the issue.

Josh