From owner-freebsd-questions@FreeBSD.ORG Fri Mar 31 11:27:54 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9628616A400 for ; Fri, 31 Mar 2006 11:27:54 +0000 (UTC) (envelope-from ldrada@gmail.com) Received: from nproxy.gmail.com (nproxy.gmail.com [64.233.182.186]) by mx1.FreeBSD.org (Postfix) with ESMTP id EE40A43D48 for ; Fri, 31 Mar 2006 11:27:53 +0000 (GMT) (envelope-from ldrada@gmail.com) Received: by nproxy.gmail.com with SMTP id m18so5087nfc for ; Fri, 31 Mar 2006 03:27:52 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=AKhxj1Ihn4LaN0CYDoBjIenHbjEj5RH89EIbTJZz+JNFL+o4Ajd7gSYCy6u8OauRFla0gX9bhfc8lZEgWxmcwLz7bSUL3Ps4IhdcvpPSnPCclF0SvKBxvAmtTuh3+lwspyO0iOrFlJtuTv4dtrjme/pUouApW3XTxhMU8J9JiyI= Received: by 10.49.15.14 with SMTP id s14mr210796nfi; Fri, 31 Mar 2006 03:27:52 -0800 (PST) Received: by 10.48.108.12 with HTTP; Fri, 31 Mar 2006 03:27:52 -0800 (PST) Message-ID: <5ceb5d550603310327q58ed532bk91686c06e51fc93d@mail.gmail.com> Date: Fri, 31 Mar 2006 13:27:52 +0200 From: "Daniel A." To: "Erik Norgaard" In-Reply-To: <442CD1EE.4040002@locolomo.org> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <5ceb5d550603300923i6eeaec35rb65cce6a602a8ef9@mail.gmail.com> <442CD1EE.4040002@locolomo.org> Cc: "freebsd-questions@freebsd.org" Subject: Re: ipf and ipnat stopped working, no routing between nics. X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 31 Mar 2006 11:27:54 -0000 Hi, I rebooted my machine last night, and everything started working again. But no, I didnt check that. And after I was looking at some sysctls late last night, I did speculate about whether those you mention were right or not. Problem resolved, and thanks for the help :) ps. Sorry I accidentally spammed the list. It didnt seem as if my emails went through at the time. On 3/31/06, Erik Norgaard wrote: > Daniel A. wrote: > > Hi, > > I run a FreeBSD 6.0 at home in my closet. > > Yesterday, while I was linking IRCd services with a friend of mine, my = router > > completely stopped routing any packets between the internal nic (sis0) = and > > the external nic (rl0). > > The only thing that I can think of, whoich could have caused this, is t= hat I > > ran ettercap on the server to diagnose why our servers wouldnt link. I = did NOT > > run any ARP poisoning or DNS spoofing attacks on myself. > > But I didnt notice if the routing stopped at that point, or later, beca= use I > > could always connect to my server, and the server could always connect = to the > > internet. The situation is still the same. > > > > I have tried to do > > - "ipf -Fa -f /etc/ipf.rules; ipnat -FC -f /etc/ipnat.rules" - Didnt he= lp > > - "cd /etc/rc.d; ./ipfilter restart; ./ipnat restart" - Didnt help > > - Launch ettercap again and exit "cleanly" after telling it to stop sni= ffing. > > A tcpdump reveals that, indeed, no packets at all make it from sis0 to = rl0. > > So my conclusion is that ipnat "forgot" how to route between the two > > interfaces. > > > > Could anyone please give some pointers? > > did you check > > # sysctl -a |grep forward > > you should have > > net.inet.ip.forwarding: 1 > net.inet.ip.fastforwarding: 0 > net.inet6.ip6.forwarding: 0 > > Erik > -- > Ph: +34.666334818 web: www.locolomo.org > S/MIME Certificate: www.daemonsecurity.com/ca/8D03551FFCE04F06.crt > Subject ID: 9E:AA:18:E6:94:7A:91:44:0A:E4:DD:87:73:7F:4E:82:E7:08:9C:72 > Fingerprint: 5B:D5:1E:3E:47:E7:EC:1C:4C:C8:3A:19:CC:AE:14:F5:DF:18:0F:B9 >