Date: Sat, 2 Sep 2000 13:00:34 -0700
From: "Crist J . Clark"
To: Caleb Walker
Cc: questions@FreeBSD.ORG
Subject: Re: natd
Message-ID: <20000902130034.Q62475@149.211.6.64.reflexcom.com>
Reply-To: cjclark@alum.mit.edu
In-Reply-To: <00090200000200.00313@butthead.walker>

On Fri, Sep 01, 2000 at 11:57:57PM -0700, Caleb Walker wrote:
> On Fri, 01 Sep 2000, Crist J . Clark wrote:
> > On Fri, Sep 01, 2000 at 10:00:17PM -0700, Caleb Walker wrote:
> > >
> > > I am getting a message on my console all the time since I enabled my
> > > firewall. It says a billion times over:
> > > natd[158]: failed to write packet back (permission denied) and that
> > > is it. I don't know what it is. Does anyone else know?
> >
> > It usually means that a packet that natd(8) processed is getting
> > blocked by the firewall when it is being sent out.
>
> Well I figured that much especially since this always starts to happen
> when I enable the firewall. But why and what? I don't get any hint as
> to what is being blocked. I do have logging enabled in the kernel as
> well. In my rc.conf file I have firewall=simple.

If you are using the generic SIMPLE firewall, there are a lot of rules
in there that drop packets without logging. My guess is that you are
translating RFC1918 addresses? Have a look at the rc.firewall script
again and read the comments about that situation.

Note that the rc.firewall script is not really intended to be used
as-is off the shelf. Every site has its own policy. For example, are
you running WWW, SMTP, NTP, _and_ DNS on your firewall? But those are
all enabled _as examples_ in the stock one.
-- 
Crist J. Clark                           cjclark@alum.mit.com
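
The reply above points out that the simple ruleset drops packets without logging. As an added example (not part of the original message and not taken from rc.firewall), this sh/awk filter reads `ipfw show` output and lists the deny/reject rules that have matched packets but carry no log keyword. The sample ruleset, its counters, the interface name ed0 and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: find rules that drop traffic silently.
# Input format is that of `ipfw show`:
#   <rule number> <packet count> <byte count> <action> [log] <rule body>

silent_drops() {
    awk '
    $4 == "deny" || $4 == "reject" {
        if ($2 == 0) next         # rule never matched, so not the culprit
        if ($5 == "log") next     # rule already reports its drops
        note = ""
        # Mark rules that name an RFC1918 network (10/8, 172.16/12, 192.168/16).
        if ($0 ~ / (10\.|172\.(1[6-9]|2[0-9]|3[01])\.|192\.168\.)/)
            note = " [RFC1918]"
        printf "%s pkts=%s%s: ", $1, $2, note
        for (i = 4; i <= NF; i++)
            printf "%s%s", $i, (i < NF ? " " : "\n")
    }'
}

# Constructed sample output (not captured from a real host). Rule 00300 is a
# divert to natd on its default port 8668; the deny rules after it see the
# packet as natd rewrote it.
sample_ipfw_show() {
    cat <<'EOF'
00100  412  35020 allow ip from any to any via lo0
00200    0      0 deny ip from any to 127.0.0.0/8
00300 9731 812345 divert 8668 ip from any to any via ed0
00400    0      0 deny ip from any to 10.0.0.0/8 via ed0
00500  688  57904 deny ip from any to 192.168.0.0/16 via ed0
00600   12   1008 deny log ip from 192.168.0.0/16 to any via ed0
00700 5120 440112 allow tcp from any to any established
65535   37   2960 deny ip from any to any
EOF
}

sample_ipfw_show | silent_drops
```

On a live system, run `ipfw show | silent_drops`. A reported rule whose packet counter climbs while the natd message repeats is the one to re-add with the log keyword.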