From owner-freebsd-security  Sun Aug 19 15:41:27 2001
Delivered-To: freebsd-security@freebsd.org
Received: from xs4nobody.nl (xs4nobody.nl [62.58.36.22])
	by hub.freebsd.org (Postfix) with SMTP id CC50A37B412
	for <freebsd-security@freebsd.org>; Sun, 19 Aug 2001 15:41:22 -0700 (PDT)
	(envelope-from bart@xs4nobody.nl)
Received: (qmail 80407 invoked by uid 1000); 19 Aug 2001 22:41:15 -0000
Date: Mon, 20 Aug 2001 00:41:15 +0200
From: Bart Matthaei <bart@xs4nobody.nl>
To: freebsd-security@freebsd.org
Subject: Re: getting DCC fully functioning with ipnat/ipf
Message-ID: <20010820004115.B80382@heresy.xs4nobody.nl>
Reply-To: Bart Matthaei <bart@xs4nobody.nl>
References: <F140318XjHDCHBDOVhs00011ad5@hotmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <F140318XjHDCHBDOVhs00011ad5@hotmail.com>; from rezaj_@hotmail.com on Mon, Aug 20, 2001 at 07:47:38AM +0930
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

Pass the arguments -same_ports -use_sockets to natd

:)


rgds,

Bart Matthaei

On Mon, Aug 20, 2001 at 07:47:38AM +0930, reza jamshid wrote:
> 
> Hi,
> 
> Up until now my firewall/router (FreeBSD 4.3) works fine, but I havent been 
> able to get DCC resuming and send to work from a machine inside my network.
> 
> I'm not sure if this has anything to do with my current rules setup, or if i 
> am missing something.
> 
> >cat /etc/ipnat.rules
> 
> map ed0 192.168.1.0/24 -> 0/32
> 
> >cat /etc/ipf.rules
> 
> # Pass everything out of tun0
> 
> block out all
> pass out quick on lo0 all
> pass out quick on ed1 all
> pass out quick on tun0 proto tcp all flags S/SA keep state keep frags
> pass out quick on tun0 proto udp all keep state keep frags
> pass out quick on tun0 proto icmp all keep state keep frags
> pass out quick on tun0 all
> 
> # Pass lo0 and dc0, block the rest
> 
> block in log all
> pass in quick on lo0 all
> pass in quick on ed1 all
> 
> 
> I was told that I need to install an irc proxy like tircproxy?
> 
> Has anyone done this successfully and can help shed some light?
> 
> 
> TIA
> 
> 
> 
> _________________________________________________________________
> Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message

-- 
Bart Matthaei           |       bart@xs4nobody.nl
                        |          +31 6 24907042
Cysonet Managed Hosting |        bart@cysonet.com
-------------------------------------------------
/* It's always funny until someone gets hurt..
 * (and then it's just hilarious)              */

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message