Date: Wed, 6 Feb 2002 21:54:17 -0500 From: "Marko" <markovich@mindspring.com> To: "Rogier R. Mulhuijzen" <drwilco@drwilco.net> Cc: Doug White <dwhite@resnet.uoregon.edu>, freebsd-hackers@FreeBSD.ORG Subject: Re[4]: natd UDP errors with PPP demand dial Message-ID: <199529679048.20020206215417@mindspring.com> In-Reply-To: <165500266655.20020206134404@mindspring.com> References: <20020204114052.Q61624-100000@resnet.uoregon.edu> <20020204114052.Q61624-100000@resnet.uoregon.edu> <5.1.0.14.0.20020206020222.01c18290@mail.drwilco.net> <165500266655.20020206134404@mindspring.com>
next in thread | previous in thread | raw e-mail | index | archive | help
M> Thank you for your response, Rogier. RRM>> 1) Have you told natd the interface is dynamic and might change IPs? M> Yes, of course. RRM>> 2) If you're using ppp, why even bother with natd? The NAT in ppp uses the RRM>> exact same libalias and gives you less headaches with ipfw because the RRM>> translation on incoming packets is done before they hit ipfw, and outgoing RRM>> after ipfw let them go. I can tell you this helps a lot when trying to use RRM>> dynamic rules. M> That's a great idea! I had not considered it until now. I would M> just need to work the anti-spoofing and private net rules into the ppp nat process M> somehow. I guess, I would have to use ppp filtering just for those M> rules. If I can do that, your way does seem to be a good place to M> start in resolving my error messages. I think having ppp do the NAT for me is not going to work. The ppp manual I have here says that ppp does incoming filtering after it does incoming NAT. I don't see how one can have private nets, spoofing, Reserved-1 and such filtering that has to happen on the outside interface before NAT. Plus, I think I will run out of "in" filter rule numbers. I think I have to stick with the conventional setup, and go back to trying to answer my original questions: 1. Why is the machine trying to send packets to its own previous IP? 2. How do I stop that? Marko To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199529679048.20020206215417>