From owner-freebsd-hackers Mon Dec 4 14:41:16 2000 From owner-freebsd-hackers@FreeBSD.ORG Mon Dec 4 14:41:15 2000 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from sdmail0.sd.bmarts.com (sdmail0.sd.bmarts.com [192.215.234.86]) by hub.freebsd.org (Postfix) with SMTP id C2BE637B400 for ; Mon, 4 Dec 2000 14:41:14 -0800 (PST) Received: (qmail 15424 invoked by uid 1078); 4 Dec 2000 22:41:30 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 4 Dec 2000 22:41:30 -0000 Date: Mon, 4 Dec 2000 14:41:30 -0800 (PST) From: Gordon Tetlow X-Sender: gordont@sdmail0.sd.bmarts.com To: Charles Anderson Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: natd bug In-Reply-To: <20001204135853.A24637@midgard.dhs.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG It didn't seem to help for me. I still get lots of permission denied, but then again, I'm also using a much stricter set of rules. I seriously hope that the fact we are using 3com etherlink iii cards doesn't have anything to do with it. Just to note. As far as I can tell, it's still doing nat just fine, it's just filling up my log. -gordon On Mon, 4 Dec 2000, Charles Anderson wrote: > I had the same thing until I removed rule 200 in rc.firewall (using open) > #${fwcmd} add 200 deny all from any to 127.0.0.0/8 > > Now it works, but I feel a bit less secure, but I don't have anything of > great importance on the box. > > One thing I noticed in common, is we're both running Etherlink III's. > (although mine is isa and yours is PCI) I have a friend that a pair of fxp's, > and I tried his rc.firewall, that works fine for him, but doesn't for me. > > -Charlie To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message