Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 9 May 2000 15:50:03 -0700 (PDT)
From:      Brian Somers <brian@Awfulhak.org>
To:        freebsd-bugs@FreeBSD.org
Subject:   Re: bin/18354: NATD diverts DMZ packets to firewall host 
Message-ID:  <200005092250.PAA49042@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The following reply was made to PR bin/18354; it has been noted by GNATS.

From: Brian Somers <brian@Awfulhak.org>
To: goran.lowkrantz@infologigruppen.se
Cc: freebsd-gnats-submit@FreeBSD.org,
	Brian Somers <brian@awfulhak.org>, Ruslan Ermilov <ru@FreeBSD.org>,
	Charles Mott <cmott@scientech.com>, Eivind Eklund <perhaps@yes.no>,
	Ari Suutari <ari@suutari.iki.fi>
Subject: Re: bin/18354: NATD diverts DMZ packets to firewall host 
Date: Tue, 09 May 2000 23:41:01 +0100

 > >Number:         18354
 > >Category:       bin
 > >Synopsis:       NATD diverts DMZ packets to firewall host
 
 This is happening because I changed the libalias(3) default so that 
 it drops packets from outside to inside on the gateway by default 
 rather than passing them into the (private) internal network.  This 
 behaviour can be altered using PacketAliasSetTarget().  IMHO this is 
 what people expect and is what the documentation indicated was the 
 intention.
 
 When I sent a patch to Ruslan (cc'd) adding a -t option to natd, he 
 pointed out that natd's documentation clearly doesn't expect this to 
 happen.
 
 We decided to ask about the original intentions and decide what to do 
 based on the outcome, but haven't received a reply from Charles (cc'd 
 as a gentle poke) yet.
 
 So, this is in limbo.  At the moment, there's no way to get the old 
 behaviour (maybe we should add the -t switch in the interim - Ruslan, 
 have you still got that patch?  Or if you don't want to do that, 
 perhaps we should just do a PacketAliasSetTarget(INADDR_ANY) in 
 natd.c for now).
 -- 
 Brian <brian@Awfulhak.org>                        <brian@[uk.]FreeBSD.org>
       <http://www.Awfulhak.org>;                   <brian@[uk.]OpenBSD.org>
 Don't _EVER_ lose your sense of humour !
 
 
 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200005092250.PAA49042>