Date: Wed, 15 Oct 2003 23:25:12 +0900 From: Luke Kearney <lukek@meibin.net> To: freebsd-questions@freebsd.org Subject: Re: IPNAT/Slow TCP/Pings fine/4.8-REL (fwd) Message-ID: <20031015232128.08C5.LUKEK@meibin.net> In-Reply-To: <24540000.1066226966@lerlaptop-red.iadfw.net> References: <44oewiha2w.fsf@be-well.ilk.org> <24540000.1066226966@lerlaptop-red.iadfw.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 15 Oct 2003 09:09:26 -0500 Larry Rosenman <ler@lerctr.org> granted us these pearls of wisdom: > > > --On Wednesday, October 15, 2003 10:03:35 -0400 Lowell Gilbert > <freebsd-questions-local@be-well.no-ip.com> wrote: > > > Larry Rosenman <ler@lerctr.org> writes: > > > >> I was trying(!) to help a friend out, and built a 4.8-REL box > >> to play Router/NAT and it's ALMOST working. I can't seem to telnet/surf > >> from NAT'd addresses, but PING works fine. > > > > You can ping to the same addresses that you can't telnet to? > > On inside machines? > yes. I.E. from 192.168.30.53 I can ping 207.158.72.11, and telnet > to 207.158.72.11. While that telnet is up, I can log on to the FreeBSD > box, see the translation in ipnat -l, telnet to 207.158.72.11, and see the > session in 207.158.72.11's netstat, but I can't do anything useful on the > session from the 192.168.30.53 box. > > LER G'Day, What are the firewall rules like ? Has IPFilter been set to pass all ? ( or ipfw in case your using that instead )? Do you get name resolution if you query an external server via nslookup ? Just for kicks try enabling ipfilter with a ruleset like "" pass in log from any to any "" HTH LukeK
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031015232128.08C5.LUKEK>