From owner-freebsd-net Sat Dec 18 8:53:39 1999 Delivered-To: freebsd-net@freebsd.org Received: from netcom.com (netcom14.netcom.com [199.183.9.114]) by hub.freebsd.org (Postfix) with ESMTP id F11E814D0E for ; Sat, 18 Dec 1999 08:53:36 -0800 (PST) (envelope-from stanb@netcom.com) Received: (from stanb@localhost) by netcom.com (8.9.3/8.9.3) id IAA25336 for freebsd-net@FreeBSD.ORG; Sat, 18 Dec 1999 08:53:36 -0800 (PST) From: Stan Brown Message-Id: <199912181653.IAA25336@netcom.com> Subject: ipfw rule to allow traceroute to include 10.x.x.x addresses? To: freebsd-net@FreeBSD.ORG (FreeBSD Networking) Date: Sat, 18 Dec 1999 11:53:36 -0500 (EST) X-Mailer: ELM [version 2.4 PL25] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org My cablemodem provider uses 10.x.x.x addreses internaly yo thire network. I don;t want to start a flamewar on whether this is a good or bad thing., It's totaly out of my control. However it is causing me problems. Wuth the default "simple" firwall ruleset, the repy packests from the hops are blocked. I am having a bit of a problem designing a rule to place in front of the non-routable network blocking rules to allow these packets back in. I am using natd to tarnslate all the hosts on my local network, so it should allow any host on my network to do a tracerout. The basic problem that i am having is withe the protocal type. Using ip, or icpm seems to generate an error messae when I try to insert the rule. Any sugestions? -- Stan Brown stanb@netcom.com 404-996-6955 Factory Automation Systems Atlanta Ga. -- Look, look, see Windows 95. Buy, lemmings, buy! Pay no attention to that cliff ahead... Henry Spencer (c) 1998 Stan Brown. Redistribution via the Microsoft Network is prohibited. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message