From owner-freebsd-questions Thu Jan 6 6: 0:39 2000 Delivered-To: freebsd-questions@freebsd.org Received: from smtp.mail.yahoo.com (smtp.mail.yahoo.com [128.11.68.32]) by hub.freebsd.org (Postfix) with SMTP id D36A615653 for ; Thu, 6 Jan 2000 06:00:36 -0800 (PST) (envelope-from aokounev@yahoo.com) Received: from unknown (HELO 192.168.249.2) (194.226.123.191) by smtp.mail.yahoo.com with SMTP; 6 Jan 2000 06:00:34 -0800 X-Apparently-From: Date: Thu, 6 Jan 2000 16:00:22 +0200 From: Artem Okounev X-Mailer: The Bat! (v1.36) S/N 1ABCDEF Reply-To: Artem Okounev X-Priority: 3 (Normal) Message-ID: <0666.000106@yahoo.com> To: "Crist J. Clark" Cc: freebsd-questions@FreeBSD.ORG Subject: Re: CVSup over ppp In-reply-To: <200001060452.XAA18284@cc942873-a.ewndsr1.nj.home.com> References: <200001060452.XAA18284@cc942873-a.ewndsr1.nj.home.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hello Crist, Thursday, January 06, 2000, 6:52:45 AM, you wrote: CJC> Dan O'Connor wrote, CJC> [Charset iso-8859-1 unsupported, filtering to ASCII...] >> >I have FreeBSD box working as firewall/proxy between my local network >> >and Internet. I'm using pppd to establish ppp connection with my ISP >> >(via leased line) and natd/ipfw for address aliasing/filtering. >> >Everything works fine (i can do ftp and browsing web from local net >> >via FreeBSD box), but CVSup (version 16.1 installed from cvsup-bin >> >port) doesn't work. >> >> Make sure your firewall allows TCP traffic on ports 5998 and 5999... I have set 'open' type firewall (just for testing purpose). My provider does not filter traffic. CJC> Or run cvsup in passive mode. From the manpage, [man page skipped] CJC> I have no special openings in my firewall for CVSup, but passive mode CJC> works like a charm. I tried passive mode with the only difference in results: cvsup connects to server (experimented with number of mirror servers), establishes passive mode connection, prints "Updating collection ports-archivers/cvs", then again silence and timeout error. My config files: Kernel config: pseudo-device loop # Network loopback pseudo-device ether # Ethernet support pseudo-device ppp 1 # Kernel PPP options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=100 options IPFIREWALL_FORWARD options IPFIREWALL_DEFAULT_TO_ACCEPT options IPDIVERT /etc/rc.conf: ifconfig_ed1="inet 192.168.249.201 netmask 255.255.255.0" defaultrouter="NO" network_interfaces="ed1 lo0" hostname="gate.unix.test" gateway_enable="YES" firewall_enable="YES" firewall_type="open" natd_enable="YES" natd_interface="xxx.xxx.xxx.xxx" # my real static internet address assigned to ppp interface natd_flags="-f /etc/natd.conf" /etc/natd.conf: use_sockets yes same_ports yes /etc/ppp/options: modem crtscts asyncmap 0 xxx.xxx.xxx.xxx:xxx.xxx.xxx.xxx # my local and remote ip addresses passive defaultroute noipdefault Sorry for long posting, but i think it is necessary to show configs. I have strong feeling that problem is not in ipfw and natd, but with pppd setup. Would you please suggest ways to step-by-step testing of my setup and tools to do it as I'm newbie in unix. Regards, Artem. mailto:aokounev@yahoo.com PGP fingerprint: BA17 5765 2858 E213 9717 CA9F 5E02 1CE8 6266 A05E __________________________________________________ Do You Yahoo!? Talk to your friends online with Yahoo! Messenger. http://im.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message