From owner-freebsd-ipfw Thu Feb 1 0:59:21 2001
From: "Murat SULUHAN"
Subject: RE: natd questions
Date: Thu, 1 Feb 2001 11:01:07 +0200
In-Reply-To: <20010131220824.R91447@rfx-216-196-73-168.users.reflex>
Sender: owner-freebsd-ipfw@FreeBSD.ORG

Hi, but how can I find packets which are blocked by the firewall?

--------------------------------
|
| Murat SULUHAN
| TE.SA.M. T.U.R.K. / GLOBALSTAR
|
--------------------------------

> -----Original Message-----
> From: owner-freebsd-ipfw@FreeBSD.ORG
> [mailto:owner-freebsd-ipfw@FreeBSD.ORG]On Behalf Of Crist J. Clark
> Sent: Thursday, February 01, 2001 8:08 AM
> To: mel kravitz
> Cc: freebsd-ipfw@FreeBSD.ORG
> Subject: Re: natd questions
>
>
> On Wed, Jan 31, 2001 at 03:15:30PM -0500, mel kravitz wrote:
> > Hi,
> > Running 4.1 on an i386 box, updated to 4.1 after successfully using 2.2.8
> > for 2+ years.
> > I normally start natd from /sbin/natd -m -f /etc/natd.conf
> > (/etc/rc.conf.local)
>
> That can cause problems since rc.local is one of the last things to
> run after all of the network services have tried to start.
>
> > where /etc/natd.conf file is included below :
> > ipfw rules contain proper divert call to tx0
> > my question is I am getting a large number of /var/log/messages:
> > natd "failed to write packet back (permission denied)"
>
> That means a packet processed by natd(8) is being blocked by a later
> rule in the firewall.
>
> > If I start natd from /etc/rc.conf file how do I call natd.conf?
>
> natd_enable="YES"
> natd_interface="tx0"
> natd_flags="-f /etc/natd.conf"
> firewall_enable="YES"
> firewall_type=
>
> > Any help would be appreciated.
> > -Mel
>
> > # natd.conf
> > use_sockets
> > port 6668
> > interface tx0
> > redirect_port tcp 12.14.48.20:http 80
> > redirect_port udp 12.14.48.20:http 80
> > redirect_port tcp 12.14.48.28:http 12.14.48.18:80
> > redirect_port udp 12.14.48.28:http 12.14.48.18:80
> > redirect_port tcp 12.14.48.20:ftp 20
> > redirect_port udp 12.14.48.20:ftp 20
> > redirect_port tcp 12.14.48.20:ftp 21
> > redirect_port udp 12.14.48.20:ftp 21
>
> HTTP and FTP do not use UDP. You don't need those.
> --
> Crist J. Clark                           cjclark@alum.mit.edu
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-ipfw" in the body of the message

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message
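
Added example, not part of the thread and not FreeBSD's own tooling: a shell filter over `ipfw -a list` output that lists the deny-type rules sitting after the divert rule whose packet counters are non-zero, which are the candidates for the "later rule" blocking packets natd writes back. The sample ruleset is constructed; only the divert port 6668 and the interface tx0 are taken from the natd.conf quoted above.

```shell
#!/bin/sh
# Input format of `ipfw -a list`: rule-number  packets  bytes  rule-body

# Constructed sample ruleset (not from the thread). Port 6668 and tx0
# follow the quoted natd.conf; everything else is illustrative.
sample_rules() {
cat <<'EOF'
00100    120     9600 allow ip from any to any via lo0
00200      0        0 deny ip from any to 127.0.0.0/8
00300   5400   812000 divert 6668 ip from any to any via tx0
00400   5100   790000 allow tcp from any to any established
00500     37     2220 deny tcp from any to any 80 in via tx0
00600      0        0 deny udp from any to any 80
65535    263    18410 deny ip from any to any
EOF
}

# Reads `ipfw -a list` output on stdin and prints "rule packets body"
# for every blocking rule that follows the first divert rule and has
# matched at least one packet. Rules before the divert are skipped
# because a packet re-injected by natd resumes after the divert rule.
blocked_after_divert() {
    awk '
        $4 == "divert" && !seen { seen = 1; next }
        seen && ($4 == "deny" || $4 == "reject" || $4 == "unreach" || $4 == "reset") && $2 > 0 {
            body = $4
            for (i = 5; i <= NF; i++) body = body " " $i
            print $1, $2, body
        }
    '
}

# On the gateway itself: ipfw -a list | blocked_after_divert
sample_rules | blocked_after_divert
```

A non-zero counter only marks a candidate, since the same rule also counts packets that never passed through natd. Adding the `log` keyword to a candidate rule records each match through syslog when the kernel is built with `options IPFIREWALL_VERBOSE`.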