Date: Wed, 3 Oct 2001 12:58:49 -0700
From: "Crist J. Clark" <cristjc@earthlink.net>
To: Nick Rogness <nick@rogness.net>
Cc: Chip <chip@wiegand.org>, freebsd-questions@FreeBSD.ORG
Subject: Re: natd permission denied at bootup
Message-ID: <20011003125849.A8391@blossom.cjclark.org>
In-Reply-To: <Pine.BSF.4.21.0110031423100.17599-100000@cody.jharris.com>; from nick@rogness.net on Wed, Oct 03, 2001 at 02:25:30PM -0500
References: <0110030627070H.96094@chip.wiegand.org> <Pine.BSF.4.21.0110031423100.17599-100000@cody.jharris.com>
On Wed, Oct 03, 2001 at 02:25:30PM -0500, Nick Rogness wrote:
> On Wed, 3 Oct 2001, Chip wrote:
>
> > On Wednesday 03 October 2001 01:29, Crist J. Clark wrote:
> > > On Tue, Oct 02, 2001 at 10:22:48PM -0700, Chip wrote:
> > >
> > > [snip]
> > >
> > > > natd: failed to write packet back (permission denied)
> > > > routed: send bcast sendto(xl0): permission denied
> > > > starting final network daemons: firewall, routed: sendto(dc0):
> > > > permission denied.
> > >
> > > This sure looks like your firewall not passing packets. And we can
> > > fix the routed(8) problem easily. You don't need it, turn it off.
>
> >
> > I disabled that line, but am still getting the message:
> > natd: failed to write packet: no route to host
>
> Well, look at what it says "no route to host"...you either don't
> have a default gateway set or you can not reach that network for
> some reason.

Looking again at your usual firewall configuration, Chip, there seems
to be a problem. rc.conf(5) has,

> > > > ifconfig_dc0="inet 66.114.152.128 netmask 255.255.248.0"

But you have,

> > > > # Outside nic
> > > > oif="dc0"
> > > > onet="66.114.152.0"
> > > > omask="255.255.255.128"
> > > > oip="66.114.152.128"

In rc.firewall. Note the change in the mask. Your IP, 66.114.152.128,
does not actually reside on the network you specify,
66.114.152.0/25. This would make the gateway unreachable.

As for why things don't work when you put in the completely open
firewall rules, that I do not understand. Are there any other
customizations in your start up? Suspicious error messages? Once
things are up, ping a host on either side of the gateway and then get
the output of,

  # ipfw show
  # ifconfig
  # netstat -rn
  # ps auxww | fgrep -e natd

--
Crist J. Clark cjclark@alum.mit.edu
cjclark@jhu.edu
cjc@freebsd.org
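
Added example, not part of the original message: a small sh check that an rc.firewall-style onet/omask pair really contains the interface address set in rc.conf, run on the values quoted in the thread. The function names (ip_to_int, int_to_ip, network_of, in_net, check_fw) are hypothetical helpers written for this illustration.

```shell
#!/bin/sh
# Added illustration; helper names are hypothetical, addresses are the
# ones quoted in the thread (rc.conf ifconfig_dc0 vs. rc.firewall onet/omask).

# ip_to_int A.B.C.D -> 32-bit integer
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1                       # split the dotted quad into $1..$4
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# int_to_ip N -> dotted quad
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# network_of IP MASK -> network address IP falls in under MASK
network_of() {
    int_to_ip $(( $(ip_to_int "$1") & $(ip_to_int "$2") ))
}

# in_net IP NET MASK -> exit status 0 if IP lies inside NET/MASK
in_net() {
    [ "$(network_of "$1" "$3")" = "$(network_of "$2" "$3")" ]
}

# check_fw IP IFMASK ONET OMASK -> print a verdict, return 1 on mismatch
check_fw() {
    if [ "$2" != "$4" ]; then
        echo "mask mismatch: interface has $2, firewall has $4"
    fi
    if in_net "$1" "$3" "$4"; then
        echo "ok: $1 is inside $3 mask $4"
    else
        echo "BAD: $1 is in $(network_of "$1" "$4"), not $3 (mask $4)"
        return 1
    fi
}

# As posted: firewall mask /25 does not match the interface mask /21.
check_fw 66.114.152.128 255.255.248.0 66.114.152.0 255.255.255.128 || true
# With omask matching the interface netmask the address is inside onet.
check_fw 66.114.152.128 255.255.248.0 66.114.152.0 255.255.248.0
```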
