Date:      Wed, 10 May 2000 04:10:07 -0700 (PDT)
From:      Ruslan Ermilov <ru@FreeBSD.org>
To:        freebsd-bugs@FreeBSD.org
Subject:   Re: bin/18354: NATD diverts DMZ packets to firewall host
Message-ID:  <200005101110.EAA51001@freefall.freebsd.org>

The following reply was made to PR bin/18354; it has been noted by GNATS.

From: Ruslan Ermilov <ru@FreeBSD.org>
To: Brian Somers <brian@Awfulhak.org>
Cc: goran.lowkrantz@infologigruppen.se,
	freebsd-gnats-submit@FreeBSD.org, Charles Mott <cmott@scientech.com>,
	Eivind Eklund <perhaps@yes.no>, Ari Suutari <ari@suutari.iki.fi>
Subject: Re: bin/18354: NATD diverts DMZ packets to firewall host
Date: Wed, 10 May 2000 13:59:09 +0300

 On Tue, May 09, 2000 at 11:41:01PM +0100, Brian Somers wrote:
 > > >Number:         18354
 > > >Category:       bin
 > > >Synopsis:       NATD diverts DMZ packets to firewall host
 > 
 > This is happening because I changed the libalias(3) default so that 
 > it drops packets from outside to inside on the gateway by default 
 > rather than passing them into the (private) internal network.  This 
 > behaviour can be altered using PacketAliasSetTarget().  IMHO this is 
 > what people expect and is what the documentation indicated was the 
 > intention.
 > 
 > When I sent a patch to Ruslan (cc'd) adding a -t option to natd, he 
 > pointed out that natd's documentation clearly doesn't expect this to 
 > happen.
 > 
 > We decided to ask about the original intentions and decide what to do 
 > based on the outcome, but haven't received a reply from Charles (cc'd 
 > as a gentle poke) yet.
 > 
 But have managed to MFC the libalias(3) bits :)
 
 > So, this is in limbo.  At the moment, there's no way to get the old 
 > behaviour (maybe we should add the -t switch in the interim - Ruslan, 
 > have you still got that patch?  Or if you don't want to do that, 
 > perhaps we should just do a PacketAliasSetTarget(INADDR_ANY) in 
 > natd.c for now).
 > 
 I will add a PacketAliasSetTarget(INADDR_ANY) call today.
 
 -- 
 Ruslan Ermilov		Sysadmin and DBA of the
 ru@ucb.crimea.ua	United Commercial Bank,
 ru@FreeBSD.org		FreeBSD committer,
 +380.652.247.647	Simferopol, Ukraine
 
 http://www.FreeBSD.org	The Power To Serve
 http://www.oracle.com	Enabling The Information Age
 

