From owner-freebsd-questions Wed Aug 29 19:35:50 2001 Delivered-To: freebsd-questions@freebsd.org Received: from grumpy.dyndns.org (user-24-214-57-209.knology.net [24.214.57.209]) by hub.freebsd.org (Postfix) with ESMTP id 0B8D937B405 for ; Wed, 29 Aug 2001 19:35:47 -0700 (PDT) (envelope-from dkelly@grumpy.dyndns.org) Received: from localhost (localhost [127.0.0.1]) by grumpy.dyndns.org (8.11.3/8.11.4) with ESMTP id f7U2Z5w81523; Wed, 29 Aug 2001 21:35:05 -0500 (CDT) (envelope-from dkelly@grumpy.dyndns.org) Message-Id: <200108300235.f7U2Z5w81523@grumpy.dyndns.org> X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 To: cjclark@alum.mit.edu Cc: Joel Rosenberg , freebsd-questions@FreeBSD.ORG From: David Kelly Subject: Re: Forwarding packets from the internal network In-reply-to: Message from "Crist J. Clark" of "Wed, 29 Aug 2001 10:58:45 PDT." <20010829105845.A9474@blossom.cjclark.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Wed, 29 Aug 2001 21:35:05 -0500 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Crist J. Clark" writes: > On Wed, Aug 29, 2001 at 04:15:19PM +0000, Joel Rosenberg wrote: > > > > Yeah, that's what it should be doing, but I always end up getting a > > connection to the other appliance, 192.168.1.20 after an initial login > > prompt. If I'm inside the network, I can go to both fine. > > Have you run natd(8) with the '-v' option to figure out exactly what > it is thinking during all of this? I'll quit sounding like a broken record after this message but I don't suspect there is anything wrong with natd, that the follow up to 192.168.1.20:80 is because 192.168.1.21:80 sent an http data packet enumerating a URL specifying port 80 back (thru natd with the packet header rewritten as if it was coming from port 81 but the data untouched) to the client browser which does as told and makes its next request of the specified URL at port 80. This is the same kind of problem we have getting ftp thru natd. The problem isn't in TCP/IP or natd. Its the http protocol in the packet's payload. At least that's my guess. -- David Kelly N4HHE, dkelly@hiwaay.net ===================================================================== The human mind ordinarily operates at only ten percent of its capacity -- the rest is overhead for the operating system. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message