From owner-freebsd-net@FreeBSD.ORG Tue May 7 18:43:59 2013 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 0422DED1 for ; Tue, 7 May 2013 18:43:59 +0000 (UTC) (envelope-from lists@rewt.org.uk) Received: from hosted.mx.as41113.net (hosted.mx.as41113.net [91.208.177.22]) by mx1.freebsd.org (Postfix) with ESMTP id C50F4AE1 for ; Tue, 7 May 2013 18:43:58 +0000 (UTC) Received: from [172.16.9.23] (bella.stf.rewt.org.uk [91.208.177.62]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: lists@rewt.org.uk) by hosted.mx.as41113.net (Postfix) with ESMTPSA id 3b4qTf6K9yzYx; Tue, 7 May 2013 19:43:50 +0100 (BST) Message-ID: <51894B52.2050903@rewt.org.uk> Date: Tue, 07 May 2013 19:43:30 +0100 From: Joe Holden User-Agent: Thunderbird 2.0.0.24 (Windows/20100228) MIME-Version: 1.0 To: Matthias Apitz Subject: Re: ppp(8) and inbound IP connections References: <20130507181345.GA992@tiny.Sisis.de> In-Reply-To: <20130507181345.GA992@tiny.Sisis.de> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-net@freebsd.org X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 May 2013 18:43:59 -0000 Matthias Apitz wrote: > > Hello, > > I'm using ppp(8) for many years to connect via UMTS to my service provider > and Internet, actually www.fonic.de; all this works fine already for long > time, works fine for outgoing TCP and UDP connections to Internet. > > Until now, I did not care about incoming TCP connections, for example for > SSH'ing from remote to my netbook, connected via ppp(8), or for incoming > SIP; it turns out now,, that I can: > > - check with "lynx -dump myip.nl | fgrep WAN" with which addr I show > up in Internet: > > $ lynx -dump myip.nl | fgrep WAN > WAN IP adres: 82.113.99.104 > > - can SSH fine to some remote server, > > - but can not SSH back to the addr 82.113.99.104; > > I contacted the provider thinking that he is blocking all IP connects which > have not been originated by a SYN pkg from my side; but he claims not > blocking anything; and now? how can I debug this? > > My interface looks like this: > > > tun6: flags=8051 metric 0 mtu 1500 > options=80000 > inet 10.33.28.104 --> 10.64.64.64 netmask 0xffffffff > nd6 options=21 > Opened by PID 799 > > and the routing is: > > > Routing tables > > Internet: > Destination Gateway Flags Refs Use Netif Expire > default 10.64.64.64 UGS 0 1694 tun6 > 10.33.28.104 link#7 UHS 0 0 lo0 > 10.64.64.64 link#7 UHS 0 1 tun6 > 127.0.0.1 link#6 UH 0 75 lo0 > > Any ideas about this? Thanks. > > I'm attaching the ppp.conf file. > > matthias > It seems quite clear from your ifconfig output that your provider doesn't give you a routable address, so you will never see inbound connections. Usually providers have an alternate APN that will give you one, but that depends on the provider in question.