Date: Tue, 11 Sep 2007 18:18:01 -0700 (PDT) From: Joe <josepha48@yahoo.com> To: freebsd-questions@freebsd.org Subject: Re: natd / ipfw services on internal interface (Ivan Voras) Message-ID: <172307.225.qm@web34614.mail.mud.yahoo.com> In-Reply-To: <20070911120015.2A63916A4C1@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Joe wrote:
> I have a question about natd/ and ipfw. I am running natd on my external interface and I have some services on my internal interface.
>
> The services seem to be getting their ip addresses nat'd and some of them work and some of them dont.
>
> Any idea how to prevent things from going into natd?
You should specify more information about your setup, but generally you
should be able to just insert a rule like "ipfw add xxx allow ip from
mynet/mask to mynet/mask", where "xxx" is the rule-number BEFORE your
natd redirection rule-number and mynet/mask describes your internal network.
I think I figured it out after a lot of searching. It turns out that when I installed it I accidentally enabled USE_SOCKETS on a non-jailed dhcp server.
The only information I found was a post or bug that said if you enable USE_SOCKETS on a non jailed server, you could have unexpected results.
The actual results are that your network traffic will be screwed up.
Joe
---------------------------------
Looking for a deal? Find great prices on flights and hotels with Yahoo! FareChase.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?172307.225.qm>