Date: Thu, 20 Sep 2001 09:22:15 +1000
From: Tony Landells <ahl@austclear.com.au>
To: Dylan Carlson <damage_z@yahoo.com>
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: natd issues...
Message-ID: <200109192322.JAA27619@tungsten.austclear.com.au>
In-Reply-To: Message from Dylan Carlson <damage_z@yahoo.com> of "Wed, 19 Sep 2001 14:22:16 MST." <20010919212216.18508.qmail@web10402.mail.yahoo.com>

Hi Dylan,

There's nothing obviously wrong in there, so here are some debugging
tips:

	look at /var/log/security, where the messages from ipfw "log"
	rules go

	add "log" to ALL deny rules until you have a better idea of
	what's going on

	confirm that natd is actually running

	run natd manually with the -v option to get a listing of it
	translating packets

Personally, I have a rule fairly early on that creates a log message
for every TCP connection:

	${fwcmd} add count log tcp from any to any in setup

It gives me a permanent record of all my TCP connections.  For
debugging, you may want to have it in twice: once at the beginning
of your ruleset, and once just after the "divert" rule, so you can
see what hit your firewall, and what it looked like after translation.

Cheers
Tony
-- 
Tony Landells					<ahl@austclear.com.au>
Senior Network Engineer				Ph:  +61 3 9677 9319
Australian Clearing Services Pty Ltd		Fax: +61 3 9677 9355
Level 4, Rialto North Tower
525 Collins Street
Melbourne VIC 3000
Australia
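
An added example, not part of the message above: a shell function that pairs the two "count log" entries suggested there (one before and one after the "divert" rule) by source address and port, so each connection shows up as translated, unchanged, or never seen after the divert. The rule numbers 100 and 300, the function names, and the log line layout in the constructed sample are assumptions.

```sh
#!/bin/sh
# Added example: correlate ipfw "count log" entries written before and after
# the divert rule. Rule numbers 100/300 and the line layout are assumptions.

# Constructed sample of /var/log/security lines (not taken from a real host).
sample_log() {
cat <<'EOF'
Sep 20 09:01:02 gw /kernel: ipfw: 100 Count TCP 198.51.100.7:40001 203.0.113.1:80 in via ed0
Sep 20 09:01:02 gw /kernel: ipfw: 300 Count TCP 198.51.100.7:40001 192.168.1.10:80 in via ed0
Sep 20 09:01:05 gw /kernel: ipfw: 100 Count TCP 198.51.100.9:40002 203.0.113.1:22 in via ed0
Sep 20 09:01:05 gw /kernel: ipfw: 300 Count TCP 198.51.100.9:40002 203.0.113.1:22 in via ed0
Sep 20 09:01:09 gw /kernel: ipfw: 100 Count TCP 198.51.100.8:40003 203.0.113.1:25 in via ed0
Sep 20 09:01:10 gw /kernel: ipfw: 65000 Deny TCP 198.51.100.8:40004 203.0.113.1:23 in via ed0
EOF
}

# nat_pairs PRE POST: read log lines on stdin and print one line per TCP
# connection logged by rule PRE, with what rule POST logged for the same
# source ip:port.
nat_pairs() {
    awk -v pre="$1" -v post="$2" '
    {
        # Find the "ipfw:" tag so the width of the syslog prefix is irrelevant.
        tag = 0
        for (i = 1; i <= NF; i++) if ($i == "ipfw:") { tag = i; break }
        if (!tag || $(tag + 3) != "TCP") next
        rule = $(tag + 1); src = $(tag + 4); dst = $(tag + 5)
        if (rule == pre) { if (!(src in before)) order[++n] = src; before[src] = dst }
        else if (rule == post) after[src] = dst
    }
    END {
        for (k = 1; k <= n; k++) {
            s = order[k]
            if (!(s in after))
                print "MISSING    " s " -> " before[s]
            else if (after[s] != before[s])
                print "TRANSLATED " s " -> " before[s] " => " after[s]
            else
                print "UNCHANGED  " s " -> " before[s]
        }
    }'
}

sample_log | nat_pairs 100 300
```

On a live system the input would be /var/log/security instead of sample_log. A MISSING line means the connection was logged before the divert rule but never by the rule after it.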
