From owner-freebsd-hackers Mon Dec 10 0:51:56 2001 Delivered-To: freebsd-hackers@freebsd.org Received: from mta05-svc.ntlworld.com (mta05-svc.ntlworld.com [62.253.162.45]) by hub.freebsd.org (Postfix) with ESMTP id 8D07337B416 for ; Mon, 10 Dec 2001 00:51:51 -0800 (PST) Received: from there ([80.4.125.7]) by mta05-svc.ntlworld.com (InterMail vM.4.01.03.23 201-229-121-123-20010418) with SMTP id <20011210085150.TANF27606.mta05-svc.ntlworld.com@there> for ; Mon, 10 Dec 2001 08:51:50 +0000 Content-Type: text/plain; charset="iso-8859-1" From: Mike D To: freebsd-hackers@freebsd.org Subject: Re: natd ignores "natd_flags"? Date: Mon, 10 Dec 2001 08:51:25 +0000 X-Mailer: KMail [version 1.3] References: <20011210075001.JESP3849.mta06-svc.ntlworld.com@there> <20011210085948.B22592@neptune.deep-ocean.local> In-Reply-To: <20011210085948.B22592@neptune.deep-ocean.local> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Message-Id: <20011210085150.TANF27606.mta05-svc.ntlworld.com@there> Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > [I think this question should be redirected to -questions or -net, but > anyway...] should only programming questions be posted here? > do you have IPFIREWALL in your kernel ? is is configured "default to > deny" ? This is typically what is bugginig me when natd fails to write a > packet : a nasty firewall rule... I have a ipfw rules file, the point is I want to log the deny natd messages, not see them. > > man ipfw & read the handbook, section networking (correct me if i'm > wrong). I don't think this is an ipfw issue - the failure msg comes from natd, not ipfw. Could be wrong of course! > > Olivier > > On Mon, Dec 10, 2001 at 07:49:37AM +0000, Mike D wrote: > > I have in my rc.conf: > > > > natd_enable="YES" > > natd_interface="xl1" > > natd_flags="-f /etc/natd.conf" > > > > and in /etc/natd.conf: > > > > interface xl1 > > dynamic yes > > use_sockets yes > > same_ports yes > > log_denied yes > > > > however, since I am still seeing the "host4 natd[198]: failed to write > > packet back (Permission denied)" messages, I'm guessing "log_denied" is > > not being picked up. > > > > Any help appreciated. > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-hackers" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message