Date: Thu, 11 Apr 2002 12:16:03 -0700 (PDT) From: Brian Eagan <brian_eagan@yahoo.com> To: freebsd-questions@FreeBSD.ORG Subject: freebsd bridge+ipfw problem Message-ID: <20020411191603.57249.qmail@web13602.mail.yahoo.com>
next in thread | raw e-mail | index | archive | help
Hello, I'm attempting to install a freebsd bridge/ipfw box in-line between an sdsl line and a small switched ethernet lan. I've come across a very odd problem it seems: all network traffic seems to go through fine (i have the firewall to open while setting everything up), for example I can ssh to one of the freebsd boxes on the lan and then ssh to the lan-side interface (which has an IP on it) on the bridge box just fine. The problem comes in when I try out my neato web server from outside the lan (inside it's ok!). I can, for example, telnet to www:80 and type my GET / HTTP1.1 <return> and watch it come up in my access logs via apache, however the webserver never returns anything to the telnet window (ie the html file) Like I said, if I'm on Box 2 in the lan and do a lynx or telnet www 80, i get the expected HTML just fine. In the course of testing i've tried: -disabling http keep-alives (grasping here) -re-doing my cabling such that the ethernet from the sdsl box is directly on my http server, in which case it works fine -Putting options IPSTEALTH in the bridge kernel (wanted to anyway) -restarting the webserver (apache 1.3.newest) my applicable kernel options on the bridge: options IPFIREWALL options IPDIVERT options DUMMYNET options IPFIREWALL_FORWARD #enable transparent proxy support options IPSTEALTH #support forstealthforwarding options BRIDGE I'm running 4.5-Release Am I missing something obvious? I hope so! :) If you have any suggestions or ideas please let me know Thank you all, Brian Eagan brian@kidfu.com __________________________________________________ Do You Yahoo!? Yahoo! Tax Center - online filing with TurboTax http://taxes.yahoo.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020411191603.57249.qmail>