From owner-freebsd-questions@FreeBSD.ORG Wed Jun 25 10:58:40 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0BC5137B401 for ; Wed, 25 Jun 2003 10:58:40 -0700 (PDT) Received: from lagash.satanosphere.com (216-210-218-82.atgi.net [216.210.218.82]) by mx1.FreeBSD.org (Postfix) with ESMTP id C0E8943FF2 for ; Wed, 25 Jun 2003 10:58:38 -0700 (PDT) (envelope-from jeremy@lagash.satanosphere.com) Received: from lagash.satanosphere.com (localhost [127.0.0.1]) h5PIPAbO069810 for ; Wed, 25 Jun 2003 11:25:11 -0700 (PDT) (envelope-from jeremy@lagash.satanosphere.com) Received: (from jeremy@localhost) by lagash.satanosphere.com (8.12.6p2/8.12.6/Submit) id h5PIPAep069809 for freebsd-questions@freebsd.org; Wed, 25 Jun 2003 11:25:10 -0700 (PDT) Date: Wed, 25 Jun 2003 11:25:09 -0700 From: Jeremy Bingham To: freebsd-questions@freebsd.org Message-ID: <20030625182509.GA69633@lagash.satanosphere.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="XsQoSWH+UP9D9v3l" Content-Disposition: inline User-Agent: Mutt/1.4i Sender: jeremy@satanosphere.com X-PGP-Key: http://home.satanosphere.com/jeremy-pubkey.asc X-Spam-Status: No, hits=-12.7 required=7.0 tests=PGP_SIGNATURE_2,USER_AGENT_MUTT version=2.50 X-Spam-Report: ---- Start SpamAssassin results -12.70 points, 7 required; * -6.3 -- Contains a PGP-signed message (signature attached) * -6.4 -- User-Agent header indicates a non-spam MUA (Mutt) ---- End of SpamAssassin results X-Spam-Checker-Version: SpamAssassin 2.50 (1.173-2003-02-20-exp) Subject: NAT Dropping Internal Connection X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Jun 2003 17:58:40 -0000 --XsQoSWH+UP9D9v3l Content-Type: text/plain; charset=us-ascii Content-Disposition: inline I have a P-200 running 4.8-STABLE running as a NAT box at home. It runs well, except that periodically it will drop it's connection on the internal side of the network. The external interface still works, but the internal machines can't ping the NAT box at all and the NAT box can't ping the internal machines. I've looked through the mailing lists and google for hints why this might be happening, but I can't find anything. /var/log/messages also reveals nothing. Here are the relevant kernel options: options IPFIREWALL options IPFIREWALL_FORWARD options IPFIREWALL_DEFAULT_TO_ACCEPT options IPDIVERT options IPFILTER options IPSTEALTH options RANDOM_IP_ID options TCP_DROP_SYNFIN Would any of those cause the problem, or is there a kernel option that I'm accidentally leaving off? Thanks, -Jeremy Bingham ---------------------------------------------- /* You are not expected to understand this. */ Captain_Tenille http://www.satanosphere.com/ jeremy@satanosphere.com --XsQoSWH+UP9D9v3l Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQE++ekFz9BfgBOfXn0RAinxAJ0dXY0gl0M5jPdldlUXeaHUvzFOTwCdFzaN 2tCs2VIbsjGD0CBNbRnQ7/A= =rotP -----END PGP SIGNATURE----- --XsQoSWH+UP9D9v3l--