Date: Tue, 18 May 1999 12:10:04 -0700 (PDT) From: mitch@hardwarestreet.com To: freebsd-gnats-submit@freebsd.org Subject: kern/11766: Can not traceroute through ipnat. Message-ID: <19990518191004.52587150E6@hub.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 11766 >Category: kern >Synopsis: Can not traceroute through ipnat. >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue May 18 12:20:01 PDT 1999 >Closed-Date: >Last-Modified: >Originator: Mitch Wright >Release: FreeBSD 3.1-RELEASE #0 >Organization: HardwareStreet.com >Environment: bash-2.02# uname -a FreeBSD bc.internetstreet.net 3.1-RELEASE FreeBSD 3.1-RELEASE #0: Sun Mar 28 09:54:29 PST 1999 mitch@bc.netline.com:/usr/src/sys/compile/BC i386 >Description: I have enabled the IPFILTER options in the kernel and am making use of ipnat. Most things work as expected; however, traceroute does not. It simply times out after hitting the NAT box and goes no further. I've cvsup'd the latest sources, but that hasn't seemed to help. >How-To-Repeat: The obvious.... enable IPFILTER in your kernel and set up ipnat. The rules I am using are quite simple.. map fxp1 10.20.30.0/24 -> 207.20.86.209/32 portmap tcp/udp 10000:65000 map fxp1 10.20.30.0/24 -> 207.20.86.209/32 # map fxp1 10.20.30.0/24 -> 207.20.86.209/32 proxy port ftp ftp/tcp >Fix: Well... I think it is simply a matter of updating the version of ipfilter being used. A similar (same?) bug is mentioned in the HISTORY file of the latest ipfilter (3.2.10). >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990518191004.52587150E6>