Date: Tue, 13 Jul 1999 16:22:17 +0200 From: Thierry Herbelot <thierry.herbelot@alcatel.fr> To: kori <kori@mail.ru> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: stupid and probable very simple problem with ipfw Message-ID: <378B4B99.71FA7B10@alcatel.fr> References: <12741.990713@mail.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
The rc.firewall script you use has most certainly a bug : the lines prohibiting 192.168.x.y addresses are executed after natd/divert rules, so the packets after IP address translation are discarded (my solution was to comment out the ipfw rules controlling IP spoofing for 192.168.x.y in the "simple" fw settings) TfH Kori wrote: > > Hello , > > Sorry for wasting your time > I've stupid and probable very simple problem: > I use FreeBSD (2.2.8 stable) > when I choose in rc.firewall type of firewall simple and > fill other necessary fields: > then restart computer > > #ping www.com > #natd:failed to write packet back (Permission denied) > > #ping 10.0.0.3 > #ping:sendto:Permission denied > > #ping (my outside inet address) > it's working good > > #ping (my inside inet address) > it's working good > > #ping 127.0.0.1 > it's working good > > if I choose in rc.firewall type of firewall open and > restart computer > > all working good! > What's my simple mistake? > > Best regards, > Sergey Kornienko > mailto:kori@mail.ru > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?378B4B99.71FA7B10>