From owner-freebsd-chat@FreeBSD.ORG Mon Jul 24 01:20:38 2006
From: "Dan Langille"
To: freebsd-chat@freebsd.org
Cc: freebsd-advocacy@freebsd.org
Date: Sun, 23 Jul 2006 21:20:33 -0400
Subject: Donations sought for hardware purchase

Hi folks,

I'm asking for
donations to purchase SATA drives for a new server. Details at:

http://www.freebsddiary.org/opteron-drives-fund-raising.php

--
Dan Langille : Software Developer looking for work
my resume: http://www.freebsddiary.org/dan_langille.php

From owner-freebsd-chat@FreeBSD.ORG Mon Jul 24 08:34:52 2006
From: "Oleg D."
To: Benjamin Adams
Cc: perl@ebash.ru, freebsd-chat@freebsd.org
Date: Mon, 24 Jul 2006 12:43:52 +0400
Subject: Re: DNS Question

Hello,

Bad idea to debug without logs. NS order doesn't matter.

> Using dig any zone dnsip all three have the same data but the NS order is
> different.
> I have cleaned up logs, I only get some query (cache) denied

Where did you get it? Can you show this 'denial' message?

>
> On 7/21/06, Oleg D. wrote:
>>
>> Any log details?
>> Did you ask `dig any foo.zone @YOUR-BROKEN-DNS-SERVER-IP` from outside
>> except any other DNStools?
>>
>> On Fri, 21 Jul 2006 10:12:07 -0400, "Benjamin Adams" <adams.benjamin@gmail.com> wrote:
>> > I have a DNS server setup, with two slaves. Every once in a while
>> > connections on some of the clients lose connection to outside the network.
>> > But everything still works fine from outside. I went to DNScheck and other
>> > sites. Everything is reported as working fine.
>> >
>> > Any ideas? Don't know really how to debug.
>> > Thanks
>> > _______________________________________________
>> > freebsd-chat@freebsd.org mailing list
>> > http://lists.freebsd.org/mailman/listinfo/freebsd-chat
>> > To unsubscribe, send any mail to "freebsd-chat-unsubscribe@freebsd.org"
>> --
>> don't believe every word people use to say, they might be wrong

From owner-freebsd-chat@FreeBSD.ORG Thu Jul 27 16:47:38 2006
From: "Adam Egan"
To: freebsd-chat@freebsd.org
Date: Thu, 27 Jul 2006 17:47:34 +0100
Subject: ipfw and natd routing problems

Hi,

I've recently installed FreeBSD on a Soekris Net 4801 to act as my
LAN's router. I have got natd and ipfw working fine (there was
originally some trouble with getting an IP from NTL via dhcp because I
hadn't allowed the cable modem's ip to talk to the router, or NTL's
dhcp servers to also talk to the router).

My only problem now is that although connections going out through
natd work fine, natd port forwarding does not work correctly. I am not
sure whether this is a problem with natd or just my ipfw rule(s),
though I am more inclined to believe it is ipfw!

ipfw and natd are enabled in /etc/rc.conf through the following lines:

#enable firewall
firewall_enable="YES"
#path to rules
firewall_type="/etc/fw/firewall.rules"
#be non-verbose?
firewall_quiet="NO"
#enable natd
natd_enable="YES"
#natd interface
natd_interface="sis0"
#flags for natd
natd_flags="-f /etc/fw/natd.conf"

Below is my ipfw natd rule, and the natd.conf file:

[ipfw]
# check if incoming packets belong to a natted session, allow through if yes
add 01000 divert natd ip from any to any in via sis0
add 01001 check-state

[natd.conf]
unregistered_only
interface sis0
use_sockets
dynamic
punch_fw 2000:100
same_ports
redirect_port tcp 192.168.0.5:80 80
redirect_port tcp 192.168.0.5:6700-6725 6700-6725

When trying to access port 80 (the httpd) externally, the connection
just times out, as does any other connection.

Any help would be greatly appreciated!

Adam

From owner-freebsd-chat@FreeBSD.ORG Fri Jul 28 16:13:58 2006
From: Stefan Bethke
To: Adam Egan
Cc: freebsd-chat@freebsd.org
Date: Fri, 28 Jul 2006 18:13:45 +0200
Subject: Re: ipfw and natd routing problems

On 27.07.2006 at 18:47, Adam Egan wrote:

> add 01000 divert natd ip from any to any in via sis0

natd needs to work on both incoming and outgoing connections.
Dropping the "in" keyword should do the trick.

HTH,
Stefan

--
Stefan Bethke Fon +49 170 346 0140

From owner-freebsd-chat@FreeBSD.ORG Fri Jul 28 17:05:21 2006
From: "Adam Egan"
To: freebsd-chat@freebsd.org
Date: Fri, 28 Jul 2006 18:05:18 +0100
Subject: Re: ipfw and natd routing problems

> natd needs to work on both incoming and outgoing connections.
> Dropping the "in" keyword should do the trick.

Hi Stefan, as I said in my original email, outgoing connections work
fine, it is the incoming connections which natd is supposed to forward
to other computers which doesn't work.

> My only problem now is that although connections going out through natd work fine,
> natd port forwarding does not work correctly.

I have however altered the rule as you instructed, thank you for
pointing out that error.
Adam

From owner-freebsd-chat@FreeBSD.ORG Fri Jul 28 20:00:16 2006
From: Stefan Bethke
To: Adam Egan
Cc: freebsd-chat@freebsd.org
Date: Fri, 28 Jul 2006 22:00:03 +0200
Subject: Re: ipfw and natd routing problems

On 28.07.2006 at 19:05, Adam Egan wrote:

>> natd needs to work on both incoming and outgoing connections.
>> Dropping the "in" keyword should do the trick.
>
> Hi Stefan, as I said in my original email, outgoing connections work
> fine, it is the incoming connections which natd is supposed to forward
> to other computers which doesn't work.

Sorry, I missed that. If you can post tcpdump traces from both the
inside and the outside interface while trying to connect to port 80,
there might be a chance to spot the problem. The natd config seems to
be fine.

Stefan

--
Stefan Bethke Fon +49 170 346 0140
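
Added example (not part of any message in this thread, and not natd's own code): a small Python model of Stefan's point that the divert rule has to hand natd both directions, using the redirect_port lines Adam posted. PUBLIC_IP and CLIENT are constructed addresses, and only static redirects are modelled, not natd's dynamic state.

```python
# Toy model of natd behind one ipfw divert rule (added illustration, not natd).
# redirect_port lines are from the thread; PUBLIC_IP and CLIENT are constructed.
PUBLIC_IP = "203.0.113.10"
CLIENT = ("198.51.100.7", 40000)
NATD_CONF = """\
redirect_port tcp 192.168.0.5:80 80
redirect_port tcp 192.168.0.5:6700-6725 6700-6725
"""

def parse_redirects(conf):
    """Map each public port to its (private_ip, private_port) target."""
    table = {}
    for line in conf.splitlines():
        f = line.split()
        if len(f) != 4 or f[0] != "redirect_port":
            continue
        host, _, ports = f[2].partition(":")
        lo, _, hi = ports.partition("-")
        plo = f[3].partition("-")[0]
        lo, hi, plo = int(lo), int(hi or lo), int(plo)
        for off in range(hi - lo + 1):
            table[plo + off] = (host, lo + off)
    return table

def natd(pkt, direction, table):
    """Rewrite one (src, dst) packet using static redirects only."""
    src, dst = pkt
    if direction == "in" and dst[0] == PUBLIC_IP and dst[1] in table:
        return (src, table[dst[1]])                  # public dst -> private server
    if direction == "out":
        for pub_port, private in table.items():
            if src == private:
                return ((PUBLIC_IP, pub_port), dst)  # private src -> public
    return pkt

def cross_sis0(pkt, direction, divert_dirs, table):
    """A packet reaches natd only if the divert rule matches its direction."""
    return natd(pkt, direction, table) if direction in divert_dirs else pkt

def forwarded_connection(divert_dirs, table):
    """Follow a SYN to PUBLIC_IP:80 and the server's reply across sis0."""
    syn = cross_sis0((CLIENT, (PUBLIC_IP, 80)), "in", divert_dirs, table)
    reply = cross_sis0((syn[1], CLIENT), "out", divert_dirs, table)
    # The client accepts the reply only if it comes from PUBLIC_IP:80.
    return syn, reply, reply[0] == (PUBLIC_IP, 80)

if __name__ == "__main__":
    for dirs in ({"in"}, {"in", "out"}):
        print(sorted(dirs), forwarded_connection(dirs, parse_redirects(NATD_CONF)))
```

In the model, a rule restricted to "in" lets the reply leave sis0 with source 192.168.0.5:80, while a rule matching both directions rewrites it to PUBLIC_IP:80.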