From owner-freebsd-net@FreeBSD.ORG Fri Dec 12 19:38:36 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2597816A4CE for ; Fri, 12 Dec 2003 19:38:36 -0800 (PST) Received: from math.teaser.net (math.teaser.net [213.91.2.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9C84143D09 for ; Fri, 12 Dec 2003 19:38:34 -0800 (PST) (envelope-from e-masson@kisoft-services.com) Received: from t39bsdems.interne.kisoft-services.com (nantes.kisoft-services.com [193.56.60.243]) by math.teaser.net (Postfix) with ESMTP id 629D76C803 for ; Sat, 13 Dec 2003 04:38:33 +0100 (CET) Received: by t39bsdems.interne.kisoft-services.com (Postfix, from userid 1001) id 7263059FF2; Sat, 13 Dec 2003 04:37:51 +0100 (CET) X-From-Line: nobody Fri Dec 12 13:42:09 2003 To: Mailing List FreeBSD Network From: Eric Masson X-Operating-System: FreeBSD 4.9-STABLE i386 Date: Fri, 12 Dec 2003 13:42:08 +0100 User-Agent: Gnus/5.1003 (Gnus v5.10.3) XEmacs/21.4 (Portable Code, berkeley-unix) Lines: 136 Message-ID: <86r7z9ie0h.fsf@t39bsdems.interne.kisoft-services.com> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Subject: FreeBSD, ipnat & timeouts while loading page X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 13 Dec 2003 03:38:36 -0000 --=-=-= Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Hello, I'm using the following setup : FreeBSD 4.8-RELEASE-p14 with stock ipfilter 3.4.31 (uname -a attached) I'm using the following ipnat rules # Nat rules map ng0 192.168.10.0/24 -> 0/32 proxy port ftp ftp/tcp map ng0 192.168.10.0/24 -> 0/32 portmap tcp/udp 10000:24000 map ng0 192.168.10.0/24 -> 0/32 net.inet.ip.forwarding is set to 1. When I try to browse certain http sites from a box behind this gateway, name resolution succeeds, connection is opened and then stalls. (tcpdump of a connection to http://www.architectes.org on gateway external interface attached) When directly connected to the internet, the box can access these sites flawlessly. The symptoms are the same whether filtering is active or not (ipf.rules attached if needed) Google only sent back results talking about bad nic, so swap is the next thing I'll do but has anyone seen such symptoms . Regards Eric Masson -- où se trouve la boîte aux lettre de Outlook Express ? J'en ai besoin pour configurer mon modem Olitec smart memory, lorsqu'il daignera fonctionner correctement !! -+- DV in : Guide du Neuneu Usenetien - Tout est dans tout... -+- --=-=-= Content-Type: application/octet-stream Content-Disposition: attachment; filename=ipnat.rules # Nat rules map ng0 192.168.10.0/24 -> 0/32 proxy port ftp ftp/tcp map ng0 192.168.10.0/24 -> 0/32 portmap tcp/udp 10000:24000 map ng0 192.168.10.0/24 -> 0/32 --=-=-= Content-Type: application/octet-stream Content-Disposition: attachment; filename=ipf.rules Content-Transfer-Encoding: base64 IyBCbG9jayBtYWxmb3JtZWQgcGFja2V0cwoKYmxvY2sJaW4gIGxvZyBsZXZlbCBzZWN1cml0 eS5pbmZvCXF1aWNrIGFsbCB3aXRoIG9wdCBsc3JyCmJsb2NrCWluICBsb2cgbGV2ZWwgc2Vj dXJpdHkuaW5mbwlxdWljayBhbGwgd2l0aCBvcHQgc3NycgpibG9jawlpbiAgbG9nIGxldmVs IHNlY3VyaXR5LmluZm8JcXVpY2sgYWxsIHdpdGggaXBvcHRzCmJsb2NrCWluICBsb2cgbGV2 ZWwgc2VjdXJpdHkuaW5mbwlxdWljayBwcm90byB0Y3AgYWxsIHdpdGggc2hvcnQKYmxvY2sJ aW4gIGxvZyBsZXZlbCBzZWN1cml0eS5pbmZvCXF1aWNrIHByb3RvIGljbXAgYWxsIHdpdGgg ZnJhZwoKIyBObyByZXN0cmljdGlvbnMgb24gbG9vcGJhY2sgaW50ZXJmYWNlCgpwYXNzCWlu CQkJCXF1aWNrIG9uIGxvMCBhbGwKcGFzcwlvdXQJCQkJcXVpY2sgb24gbG8wIGFsbAoKIyBQ UFBvRSBzdXBwb3J0IGludGVyZmFjZSBydWxlcyAobm8gaXAgdHJhZmZpYyBhbGxvd2VkIGF0 IGFsbCkKCmJsb2NrCWluCQkJCSAgICAgIG9uIGVkMCBhbGwgaGVhZCAxMApibG9jawlpbgkJ CQlxdWljayBvbiBlZDAgcHJvdG8gdGNwIGZyb20gYW55IHRvIGFueSAgZ3JvdXAgMTAKYmxv Y2sJaW4JCQkJcXVpY2sgb24gZWQwIHByb3RvIHVkcCBmcm9tIGFueSB0byBhbnkgIGdyb3Vw IDEwCmJsb2NrCWluCQkJCXF1aWNrIG9uIGVkMCBwcm90byBpY21wIGZyb20gYW55IHRvIGFu eSBncm91cCAxMApwYXNzCWluCQkJCSAgICAgIG9uIGVkMCBhbGwgICAgICAgICAgICAgICAg ICAgICAgICBncm91cCAxMAoKYmxvY2sJb3V0CQkJCSAgICAgIG9uIGVkMCBhbGwgaGVhZCAx MQpibG9jawlvdXQJCQkJcXVpY2sgb24gZWQwIHByb3RvIHRjcCBmcm9tIGFueSB0byBhbnkg IGdyb3VwIDExCmJsb2NrCW91dAkJCQlxdWljayBvbiBlZDAgcHJvdG8gdWRwIGZyb20gYW55 IHRvIGFueSAgZ3JvdXAgMTEKYmxvY2sJb3V0CQkJCXF1aWNrIG9uIGVkMCBwcm90byBpY21w IGZyb20gYW55IHRvIGFueSBncm91cCAxMQpwYXNzCW91dAkJCQkgICAgICBvbiBlZDAgYWxs ICAgICAgICAgICAgICAgICAgICAgICAgZ3JvdXAgMTEKCiMgSW50ZXJuYWwgaW50ZXJmYWNl CgpwYXNzCWluCQkJCXF1aWNrIG9uIGRlMCBhbGwKcGFzcwlvdXQJCQkJcXVpY2sgb24gZGUw IGFsbAoKIyBQUFBvRSBpbnRlcmZhY2UgcnVsZXMKCnBhc3MJCQkJaW4gIGxvZyBsZXZlbCBz ZWN1cml0eS5pbmZvCXF1aWNrIG9uIG5nMCBwcm90byBpY21wIGZyb20gYW55IHRvIGFueSBp Y21wLXR5cGUgOCBrZWVwIHN0YXRlCgpibG9jawkJCQlpbgkJCQkJb24gbmcwCQkgIGFsbAkJ CQloZWFkIDI1CmJsb2NrCQkJCWluIGxvZyBsZXZlbCBzZWN1cml0eS5pbmZvCXF1aWNrCW9u IG5nMCAgICAgICAgICAgIGZyb20gMTkyLjE2OC4wLjAvMTYJdG8gYW55CWdyb3VwIDI1CmJs b2NrCQkJCWluIGxvZyBsZXZlbCBzZWN1cml0eS5pbmZvCXF1aWNrCW9uIG5nMCAgICAgICAg ICAgIGZyb20gMTcyLjE2LjAuMC8xMgl0byBhbnkJZ3JvdXAgMjUKYmxvY2sJCQkJaW4gbG9n IGxldmVsIHNlY3VyaXR5LmluZm8JcXVpY2sJb24gbmcwICAgICAgICAgICAgZnJvbSAxMjcu MC4wLjAvOAl0byBhbnkJZ3JvdXAgMjUKYmxvY2sJCQkJaW4gbG9nIGxldmVsIHNlY3VyaXR5 LmluZm8JcXVpY2sJb24gbmcwICAgICAgICAgICAgZnJvbSAxMC4wLjAuMC84CXRvIGFueQln cm91cCAyNQpibG9jawkJCQlpbiBsb2cgbGV2ZWwgc2VjdXJpdHkuaW5mbwlxdWljawlvbiBu ZzAgICAgICAgICAgICBmcm9tIDAuMC4wLjAvOAl0byBhbnkJZ3JvdXAgMjUKYmxvY2sJcmV0 dXJuLXJzdAkJaW4gbG9nIGxldmVsIHNlY3VyaXR5LmluZm8gCXF1aWNrCW9uIG5nMCBwcm90 byB0Y3AgIGZyb20gYW55CQl0byBhbnkJZ3JvdXAgMjUKYmxvY2sJcmV0dXJuLWljbXAocG9y dC11bnIpCWluIGxvZyBsZXZlbCBzZWN1cml0eS5pbmZvIAlxdWljawlvbiBuZzAgcHJvdG8g dWRwICBmcm9tIGFueQkJdG8gYW55CWdyb3VwIDI1CmJsb2NrCQkJCWluIGxvZyBsZXZlbCBz ZWN1cml0eS5pbmZvIAlxdWljawlvbiBuZzAJCSAgYWxsCQkJCWdyb3VwIDI1CgpibG9jawlv dXQJCQkJICAgICAgb24gbmcwIGFsbCBoZWFkIDMwCmJsb2NrCW91dCBsb2cgbGV2ZWwgc2Vj dXJpdHkuaW5mbwlxdWljayBvbiBuZzAgICAgICAgICAgICBmcm9tIGFueSB0byAxOTIuMTY4 LjAuMC8xNiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGdyb3VwIDMwCmJsb2Nr CW91dCBsb2cgbGV2ZWwgc2VjdXJpdHkuaW5mbwlxdWljayBvbiBuZzAgICAgICAgICAgICBm cm9tIGFueSB0byAxNzIuMTYuMC4wLzEyICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgIGdyb3VwIDMwCmJsb2NrCW91dCBsb2cgbGV2ZWwgc2VjdXJpdHkuaW5mbwlxdWljayBv biBuZzAgICAgICAgICAgICBmcm9tIGFueSB0byAxMjcuMC4wLjAvOCAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgIGdyb3VwIDMwCmJsb2NrCW91dCBsb2cgbGV2ZWwgc2Vj dXJpdHkuaW5mbwlxdWljayBvbiBuZzAgICAgICAgICAgICBmcm9tIGFueSB0byAxMC4wLjAu MC84ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGdyb3VwIDMwCmJsb2Nr CW91dCBsb2cgbGV2ZWwgc2VjdXJpdHkuaW5mbwlxdWljayBvbiBuZzAgICAgICAgICAgICBm cm9tIGFueSB0byAwLjAuMC4wLzggICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgIGdyb3VwIDMwCnBhc3MJb3V0CQkJCXF1aWNrIG9uIG5nMCBwcm90byB0Y3AgIGZyb20g YW55IHRvIGFueSBmbGFncyBTL1NBIGtlZXAgc3RhdGUga2VlcCBmcmFncyBncm91cCAzMApw YXNzCW91dAkJCQlxdWljayBvbiBuZzAgcHJvdG8gdWRwICBmcm9tIGFueSB0byBhbnkgICAg ICAgICAgICBrZWVwIHN0YXRlICAgICAgICAgICAgZ3JvdXAgMzAKcGFzcwlvdXQJCQkJcXVp Y2sgb24gbmcwIHByb3RvIGljbXAgZnJvbSBhbnkgdG8gYW55ICAgICAgICAgICAga2VlcCBz dGF0ZSAgICAgICAgICAgIGdyb3VwIDMwCmJsb2NrCW91dCBsb2cgbGV2ZWwgc2VjdXJpdHku aW5mbwkgICAgICBvbiBuZzAgYWxsICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGdyb3VwIDMwCg== --=-=-= Content-Type: application/octet-stream Content-Disposition: attachment; filename=tcpdump.err Content-Transfer-Encoding: base64 1MOyoQIABAAAAAAAAAAAAGAAAAAAAAAA1rTYP2M6DgAsAAAALAAAAAIAAABFAAAoNztAAH8G tmxR+cYjw2UypicSAFAAAY7fTU7snlAEAACxiAAA2bTYP0YIAAAwAAAAMAAAAAIAAABFAAAs OTtAAH8GtGhR+cYjw2UypicTAFAAAY2iAAAAAGACIAC09wAAAgQFtNm02D/xJAEAMAAAADAA AAACAAAARQAALFrpQAB3Bpq6w2UyplH5xiMAUCcTttVGqgABjaNgEv//12YAAAIEBbTZtNg/ IiYBACwAAAAsAAAAAgAAAEUAACg6O0AAfwazbFH5xiPDZTKmJxMAUAABjaO21UarUBAiOMzr AADZtNg/0CgBAGAAAAB1AQAAAgAAAEUAAXE7O0AAfwaxI1H5xiPDZTKmJxMAUAABjaO21Uar UBgiOA98AABHRVQgLyBIVFRQLzEuMQ0KQWNjZXB0OiBhcHBsaWNhdGlvbi92bmQubXMtZXhj ZWwsIGFw3LTYP7UjAQBgAAAAdQEAAAIAAABFAAFxPTtAAH8GryNR+cYjw2UypicTAFAAAY2j ttVGq1AYIjgPfAAAR0VUIC8gSFRUUC8xLjENCkFjY2VwdDogYXBwbGljYXRpb24vdm5kLm1z LWV4Y2VsLCBhcNy02D+DhAIALAAAACwAAAACAAAARQAAKFtHQAB3Bppgw2UyplH5xiMAUCcT ttVSEwABjuxQEP6247sAAA== --=-=-= Content-Disposition: attachment; filename=uname.txt FreeBSD rtrbsddupwan.dupont.lan 4.8-RELEASE-p14 FreeBSD 4.8-RELEASE-p14 #0: Thu Dec 11 19:08:37 CET 2003 emss@rtrbsddupwan.dupont.lan:/usr/src/sys/compile/FIREWALL i386 --=-=-=--