Date: Tue, 20 Jul 2010 14:43:18 -0400 From: alexus <alexus@gmail.com> To: Aiza <aiza21@comclark.com> Cc: freebsd-questions@freebsd.org Subject: Re: ipnat.conf - map and rdr won't work! Message-ID: <AANLkTimSIMKbBun8xAaoKbNgLhLm38CpGsBa14JN8QIt@mail.gmail.com> In-Reply-To: <4C45E7EA.7090403@comclark.com> References: <AANLkTilVTo36Fzdh2DKAQhRjyDj8MNUuV9dhwvQ7Gf-V@mail.gmail.com> <AANLkTinh0CykJ1Av3f2THPDFOLS0YtYLDvRMHXm_wD3w@mail.gmail.com> <4C3F91CF.5090206@locolomo.org> <AANLkTin6hYyHiG8taifkNHPBtKI0rKOkAaGRYodV1LLC@mail.gmail.com> <4C419944.8030702@locolomo.org> <AANLkTin8H47Z7suztGnWpa8fm-XIagQ6vzlxP85OIT-B@mail.gmail.com> <4C447F7F.6020308@locolomo.org> <AANLkTinM1E2Obrs8VqSsm3S_jcXqbw_Q1YLkc51tgJsS@mail.gmail.com> <4C45CBA3.9020800@comclark.com> <AANLkTileySmaFe4WCud1_MFWXnlHsnNF6DEQUgsmSHE1@mail.gmail.com> <4C45E7EA.7090403@comclark.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jul 20, 2010 at 2:16 PM, Aiza <aiza21@comclark.com> wrote: > alexus wrote: >>> >>> =C2=A0su-3.2# grep ^firewall /etc/rc.conf >>> =C2=A0firewall_enable=3D"YES" >>> =C2=A0firewall_type=3D"open" >>> >>> =C2=A0su-3.2# grep ^ip /etc/rc.conf >>> =C2=A0ipfilter_enable=3D"YES" >>> =C2=A0ipmon_enable=3D"YES" >>> =C2=A0ipnat_enable=3D"YES" >>> =C2=A0ipnat_flags=3D"-d" >>> >>> This is not good. >>> You are running 2 different firewalls at the same time. >>> comment out >>> firewall_enable=3D"YES" >>> firewall_type=3D"open" >>> >>> and reboot your system. >>> >>> >> >> do you know that for a fact or you just guessing?? >> >> because first of all it worked before just fine with 2 firewalls >> second i disabled firewall, so firewall is no longer an issue >> third i have another system just like that that runs 2 firewall and >> everything working just fine! >> >> if you dont know the answer there is no need to throw just any answer >> as its pretty clear that this isn't the right answer >> > Just because 2 firewalls at same time didn't blow up in your face before, > sure don't mean they are working correctly. Thats one bad assumption to b= ase > debugging on. i never had any problem doing so, not that i'm saying it's a smart thing to= do i'm well aware of that, and as i mention before both firewall doing different purposes its not like i'm filtering packets with both firewalls at the same time. > Jumping in my face, questioning the free advice given, sure makes you loo= k > foolish. You should read the handbook firewall section before opening you= r > month and sticking your foot into it. i wasn't jumping in your face, i just outline some of the facts. i'm asking help here, there is no point for me to jump anyone. > People on this list will stop helping if you turn on them and bit the han= d > that feeds you. > > And another thing. Network access for a jail is not controlled by the hos= ts > firewall. You need to look else where for your jail network access soluti= on. my jail has a private IP address, so in order to get to my jail you need to go through public IP and that being hosted within host environment jail itself seem like it's functional fine as i can ssh into jail from host environment so my guess i gotta look somewhere inside of ipnat, since ipnat is responsible for routing packets from/to jail > If your attitude was not so XXXXXXX, I could have told you the solution, = but > now go learn it the hard way. i'm sorry you feel that way, surely didn't mean anything bad by outlining f= acts. > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o= rg" > --=20 http://alexus.org/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTimSIMKbBun8xAaoKbNgLhLm38CpGsBa14JN8QIt>