From owner-freebsd-questions  Wed Dec  8 10:12:46 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from aag.alaskaair.com (aag.alaskaair.com [159.49.254.10])
	by hub.freebsd.org (Postfix) with SMTP id E251C15798
	for <questions@freebsd.org>; Wed,  8 Dec 1999 10:12:15 -0800 (PST)
	(envelope-from elazich@AlaskaAir.com)
Received: from WORLDTALK.alaskaair.com by aag.alaskaair.com
          via smtpd (for hub.FreeBSD.org [204.216.27.18]) with SMTP; 8 Dec 1999 18:15:55 UT
Received: from 159.49.42.21 by worldtalk.alaskaair.com with SMTP (
 WorldSecure Server SMTP Relay(WSS) v4.3); Wed, 08 Dec 99 10:05:21 -0800
X-Server-Uuid: cdced086-966c-11d3-b153-00c0f02de454
From: elazich@AlaskaAir.com
To: leonard@mofo.theta-chi.net
Cc: questions@freebsd.org
Date: Wed, 8 Dec 1999 10:03:02 -0800
Subject: Re: NATd: tons of "failed to write packet back" errors
Message-ID: <msg63460.thr-cf17aa.e3746b00@alaskaair.com>
References: <Pine.BSF.4.10.9912072259130.17241-100000@mofo.theta-chi.net>
Organization: Alaska Airlines
MIME-Version: 1.0
X-Gateway: NASTA Gate 2.0 for FirstClass(R)
X-WSS-ID: 1450426B19978-01-01
Content-Type: text/plain; 
 charset=us-ascii
Content-Transfer-Encoding: 8bit
Content-ID: <msg63460.thr-cf17aa.e3746b00.part0@alaskaair.com>
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In opne configuration, what you describe becomes rule 200, I have that
rule on my firewall and ipfw sho does not show any packets being denied
that apply to that rule.  My question would be what is trying to send
to localhost and if it is indeed valid, then maybe you should look at
changing the rule.

Eli

leonard@mofo.theta-chi.net writes:
>I've been seeing my logs filled with:

>Dec  7 22:56:04 mofo natd[14291]: failed to write packet back
>(Permission
>denied)
>Dec  7 22:56:04 mofo natd[14291]: failed to write packet back
>(Permission
>denied)

>Does anybody know what this is caused by? I have ipfw set to "open" via
>rc.conf. I've been noticing that there are a lot of denied packets from
>127.0.0.0/8. If NATd is sending data to localhost, then shouldn't it be
>going through lo0 which works? Other than the sheer number of error
>messages going to syslog, it seems like natd is working fine.

>Anybody know why am I getting all of these denied packets and where
>they're coming from?

>Thanks,

>Leonard



>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-questions" in the body of the message





To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message