From owner-freebsd-ipfw  Mon Aug 14  3:21:38 2000
Delivered-To: freebsd-ipfw@freebsd.org
Received: from freenix.no (atreides.freenix.no [213.188.21.6])
	by hub.freebsd.org (Postfix) with ESMTP id 1338137B982
	for <freebsd-ipfw@FreeBSD.ORG>; Mon, 14 Aug 2000 03:21:33 -0700 (PDT)
	(envelope-from shamz@freenix.no)
Received: (from shamz@localhost)
	by freenix.no (8.9.3/8.9.3) id MAA08036;
	Mon, 14 Aug 2000 12:20:53 +0200 (CEST)
	(envelope-from shamz)
Date: Mon, 14 Aug 2000 12:20:53 +0200
From: Shaun Jurrens <shaun@shamz.net>
To: "Oleg Y. Ivanov" <oleg_y_ivanov@mailru.com>
Cc: freebsd-ipfw@FreeBSD.ORG
Subject: Re: connections via natd dying in natd
Message-ID: <20000814122053.B7893@atreides.freenix.no>
References: <003c01bffd88$a2df8380$0801a8c0@admin.uzdw-centre.ru>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0.1i
In-Reply-To: <003c01bffd88$a2df8380$0801a8c0@admin.uzdw-centre.ru>; from oleg_y_ivanov@mailru.com on Fri, Aug 04, 2000 at 12:22:53AM +0400
X-Operating-System: FreeBSD 4.0-STABLE
X-Philosophy: If you can read this, you're too close.
Sender: owner-freebsd-ipfw@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Fri, Aug 04, 2000 at 12:22:53AM +0400, Oleg Y. Ivanov wrote:
#> Hey , I also have this problem =8-(((
#> In my case this message usually appears when ipfw is used in stateful mode &
#> rule with "keep-state" addendum expires.Packet written by natd hits default
#> (or any other ;) "deny" rule.
#> Is this scenario enough realistic ?

	More or less the behavior I am experiencing, yes.  Sorry about the
	slow response.

#> >>Shaun Jurrens writes:
#> >> I have been struggling with this problem for a number of months,
#> actually.  I
#> >> had it using 3-STABLE boxes and now with one 4-STABLE through the
#> 3(.5)-STABLE
#> >> natd gateway, the same problem occurs.  The problem: connections via natd
#> >> suddenly drop and similtaneously, I get errors on the console for the
#> gateway
#> >> box that natd has "failed to write the packet back (Permission denied)".
#> This
#> >> is almost exclusively with ssh connections (mostly because they are the
#> most
#> >> constant long time connections I have to notice this behavior)


Yours truly,

Shaun D. Jurrens
shaun@shamz.net
shamz@freenix.no

IRCNET nick: shamz #chillout #unix #FreeBSD


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message