From owner-freebsd-questions@FreeBSD.ORG Thu Sep 13 15:33:03 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1FBC716A418 for ; Thu, 13 Sep 2007 15:33:03 +0000 (UTC) (envelope-from josepha48@yahoo.com) Received: from web34611.mail.mud.yahoo.com (web34611.mail.mud.yahoo.com [209.191.68.145]) by mx1.freebsd.org (Postfix) with SMTP id 9F83B13C458 for ; Thu, 13 Sep 2007 15:33:02 +0000 (UTC) (envelope-from josepha48@yahoo.com) Received: (qmail 51698 invoked by uid 60001); 13 Sep 2007 15:33:02 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=tWQ9CwF0BwuUw4xG1QN5LozdnS9E6LQmXOfFZ24cbCs08uQcQt3RYIn7xRtBx+399GenUTRAcm0htxMIZe+0WCYX9LgpH8tLrMRT60cWNzaQFvnLN0PU9jMzjDQDggTjTEvlDNLmMSUSZR20tzzUG8MGcO4Z/NRSX22L9Uow94o=; X-YMail-OSG: nq70viMVM1luyMcLFqSn0WPjU_VrYGZbHVkyOeyqhQbsD6WDCWwXzMDYscf4CggO.kB66Axr62yaYCqMEU3gigj9orxb0kV.oKTUjC4EMp5Fv4rB.fmp7Gt_RQerKA-- Received: from [69.147.67.231] by web34611.mail.mud.yahoo.com via HTTP; Thu, 13 Sep 2007 08:33:02 PDT X-Mailer: YahooMailWebService/0.7.134 Date: Thu, 13 Sep 2007 08:33:02 -0700 (PDT) From: Joe To: "freebsd-questions@freebsd.org" MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Message-ID: <114394.51652.qm@web34611.mail.mud.yahoo.com> Subject: natd / ipfw services on internal interface X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Sep 2007 15:33:03 -0000 I figured out what the problem was. I had compiled my dhcp server with USE= _SOCKETS and am NOT running in a jail. After a lot of searching the bug reports I came across an old bug that said= that USE_SOCKETS was added for jailed dhcp servers, because they do not ha= ve access to bpf. It also said that compiling USE_SOCKETS into a non jaile= d dhcp server will have unpredictable results. I found out that the server will behave badly like it is being sent through= nat out our the wrong port. =20 > You should specify more information about your setup, but generally yo= u=20 > should be able to just insert a rule like "ipfw add xxx allow ip = from=20 > mynet/mask to mynet/mask", where "xxx" is the rule-numb= er BEFORE your=20 > natd redirection rule-number and mynet/mask describes your internal ne= twork.=0A=0A=0A =0A__________________________________________________= __________________________________=0AMoody friends. Drama queens. Your life= ? Nope! - their life, your story. Play Sims Stories at Yahoo! Games.=0Ahttp= ://sims.yahoo.com/