From owner-freebsd-questions@FreeBSD.ORG Sun Aug 26 00:58:09 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3933016A419 for ; Sun, 26 Aug 2007 00:58:09 +0000 (UTC) (envelope-from mich.admin@mail.ru) Received: from mx28.mail.ru (mx28.mail.ru [194.67.23.67]) by mx1.freebsd.org (Postfix) with ESMTP id ED65313C459 for ; Sun, 26 Aug 2007 00:58:08 +0000 (UTC) (envelope-from mich.admin@mail.ru) Received: from f102.mail.ru (f102.mail.ru [194.67.57.10]) by mx28.mail.ru (mPOP.Fallback_MX) with ESMTP id 02F6B712805 for ; Sun, 26 Aug 2007 03:06:49 +0400 (MSD) Received: from mail by f102.mail.ru with local id 1IP4iN-000Gd1-00 for freebsd-questions@freebsd.org; Sun, 26 Aug 2007 03:06:47 +0400 Received: from [80.70.236.102] by win.mail.ru with HTTP; Sun, 26 Aug 2007 03:06:47 +0400 From: mich.admin@mail.ru To: freebsd-questions@freebsd.org Mime-Version: 1.0 X-Mailer: mPOP Web-Mail 2.19 X-Originating-IP: [80.70.236.102] Date: Sun, 26 Aug 2007 03:06:47 +0400 Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 8bit Message-Id: Subject: TCP packets don't flow from external hosts to WinVista clients behind X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: mich.admin@mail.ru List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 26 Aug 2007 00:58:09 -0000 Hello... I've got a strange trouble... FreeBSD 6.2 amd64 as nat-router: rl0 85.249.249.249 -> ISP fxp0 10.0.0.1 -> My Internal Net natd/ng_nat ipfw: allow all from any to any WinXP client machines work fine behind nat, but WinVista, FreeBSD (5.5/6.2) clients don't. It's very strange but it's unable to establish any TCP internet connection from non WinXP host. ICMP and UDP packets flows normally. For example, I can ping host ya.ru, get DNS-reply from internet servers, play games via UDP, but i can't view web pages, open shh session and just can't "telnet" to any port!!!! Traffic from/to my net is not filtering by firewalls at all. I've tested it with natd ang ng_nat - there's no difference! I've tried to solve this problem during last week =( Unfortunately, i can't. Now i'm going to try using pf or ipfilter instead of ipfw or ever reinstall server OS and may be change freebsd architecture to i386. Any ideas ? P.S.Sorry for my bad english.