From owner-freebsd-isdn Wed Apr 8 09:30:14 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id JAA04782 for freebsd-isdn-outgoing; Wed, 8 Apr 1998 09:30:14 -0700 (PDT) (envelope-from owner-freebsd-isdn@FreeBSD.ORG) Received: from mailb.telia.com (mailb.telia.com [194.22.194.6]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id JAA04756 for ; Wed, 8 Apr 1998 09:30:09 -0700 (PDT) (envelope-from arve.ronning@ah.telia.no) Received: from d1o203.telia.com (root@d1o203.telia.com [195.204.220.241]) by mailb.telia.com (8.8.8/8.8.8) with ESMTP id SAA11981 for ; Wed, 8 Apr 1998 18:30:04 +0200 (CEST) Received: from t7o201p29.telia.com (t7o201p29.telia.com [195.204.217.149]) by d1o203.telia.com (8.8.5/8.6.12) with SMTP id SAA01394 for ; Wed, 8 Apr 1998 18:30:01 +0200 (MET DST) X-Authentication-Warning: d1o203.telia.com: t7o201p29.telia.com [195.204.217.149] didn't use HELO protocol Message-ID: <352C2290.6FD4@ah.telia.no> Date: Wed, 08 Apr 1998 18:21:20 -0700 From: Arve Ronning X-Mailer: Mozilla 3.03 (Win16; I) MIME-Version: 1.0 To: freebsd-isdn@FreeBSD.ORG Subject: I4B & NAT Content-Type: text/plain; charset=us-ascii; name="UNTITLED.TXT" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="UNTITLED.TXT" Sender: owner-freebsd-isdn@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Trying to build a router/gateway between my privat Ethernet and the Internet (via my ISP), I have problems with I4B or NAT (I think:). The 2.2.5-R kernel with options IPFIREWALL and IPDIVERT works fine with ISDN4BSD 0.50-alpha and firewall rule 'pass all from any to any'. However, when I add 'divert natd all from any to any via isppp0' and start natd, name server lookups to the ISP's NS don't work. Also, ping and nslookup fails from any other internal host. So: why doesn't this work ? (I know, it's probably a screw-up caused by my ignorance:). Any help would be appreciated. Any clues in the logs below ? Thanx for your time, -Arve 'natd -verbose -interface isppp0' logs: Ping Gate -> ISP -> Gate, OK Out [ICMP] 192.193.194.240 -> 10.0.0.1 aliased to 0.0.0.0 -> 10.0.0.1 In [ICMP] 10.0.0.1 -> 192.193.194.240 aliased to 10.0.0.1 -> 192.193.194.240 Nslookup Gate -> ISP -> ??, answer never reaches Gate Out [UDP] 192.193.194.240 -> 10.0.0.1 aliased to 0.0.0.0 -> 10.0.0.1 Out [UDP] 192.193.194.240 -> 10.0.0.1 aliased to 0.0.0.0 -> 10.0.0.1 Out [UDP] 192.193.194.240 -> 10.0.0.1 aliased to 0.0.0.0 -> 10.0.0.1 Ping Internal -> Gate -> ISP -> Gate, return never reaches Internal Out [ICMP] 172.16.3.40 -> 10.0.0.1 aliased to 0.0.0.0 -> 10.0.0.1 In [ICMP] 10.0.0.1 -> 192.193.194.240 aliased to 10.0.0.1 -> 192.193.194.240 Out [ICMP] 172.16.3.40 -> 10.0.0.1 aliased to 0.0.0.0 -> 10.0.0.1 In [ICMP] 10.0.0.1 -> 192.193.194.240 aliased to 10.0.0.1 -> 192.193.194.240 ipfw rules and routing tables: Gate# ipfw list 00100 divert 6668 ip from any to any via isppp0 00200 allow ip from any to any 65535 deny ip from any to any Gate# netstat -rn Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default isppp0 USc 2 0 isppp0 0.0.0.1 default UH 0 0 isppp0 172.16.3/24 link#1 UC 0 0 172.16.3.40 8:0:2b:36:8:9d UHLW 3 2003 ed1 707 127.0.0.1 127.0.0.1 UH 0 0 lo0 Gate# netstat -in Name Mtu Network Address Ipkts Ierrs Opkts Oerrs ed1 1500 00.00.e8.a0.d4.09 3072 0 2029 0 ed1 1500 172.16.3/24 172.16.3.10 3072 0 2029 0 lp0* 1500 0 0 0 0 isppp 1500 51 4 79 0 isppp 1500 0/24 192.193.194.240 51 4 79 0 isppp 1500 0 0 0 0 isppp 1500 0 0 0 0 isppp 1500 0 0 0 0 ipr0* 1500 0 0 0 0 ipr1* 1500 0 0 0 0 ipr2* 1500 0 0 0 0 ipr3* 1500 0 0 0 0 lo0 16384 0 0 0 0 lo0 16384 127 127.0.0.1 0 0 0 0 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isdn" in the body of the message