From owner-freebsd-questions Thu Nov 8 21: 7:48 2001 Delivered-To: freebsd-questions@freebsd.org Received: from snipe.prod.itd.earthlink.net (snipe.mail.pas.earthlink.net [207.217.120.62]) by hub.freebsd.org (Postfix) with ESMTP id 6967A37B41E for ; Thu, 8 Nov 2001 21:07:46 -0800 (PST) Received: from dialup-209.245.128.79.dial1.sanjose1.level3.net ([209.245.128.79] helo=blossom.cjclark.org) by snipe.prod.itd.earthlink.net with esmtp (Exim 3.33 #1) id 1623t7-0000g0-00 for freebsd-questions@FreeBSD.ORG; Thu, 08 Nov 2001 21:07:39 -0800 Received: (from cjc@localhost) by blossom.cjclark.org (8.11.6/8.11.3) id fA956dc16024 for freebsd-questions@FreeBSD.ORG; Thu, 8 Nov 2001 21:06:39 -0800 (PST) (envelope-from cjc) Date: Thu, 8 Nov 2001 21:06:39 -0800 From: "Crist J. Clark" To: freebsd-questions@FreeBSD.ORG Subject: Re: problems with clients behind ipf/ipnat firewall Message-ID: <20011108210639.P51134@blossom.cjclark.org> Reply-To: cjclark@alum.mit.edu References: <20011107132853.B7624@nubisci.net> <20011107231359.J301@blossom.cjclark.org> <20011108221143.A38037@nubisci.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20011108221143.A38037@nubisci.net>; from guru@nubisci.net on Thu, Nov 08, 2001 at 10:11:43PM -0500 X-URL: http://people.freebsd.org/~cjc/ Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thu, Nov 08, 2001 at 10:11:43PM -0500, GuRU wrote: > Out of da blue Crist J. Clark aka (cristjc@earthlink.net) said: > > [This is not actually a security issue. Moved to -questions.] > > > > On Wed, Nov 07, 2001 at 01:28:53PM -0500, GuRU wrote: > > [snip] > > > > > Ok now here are the results of traceroute -S > > > client box: > > > > Just for kicks, what does, > > > > $ traceroute -Sn bantu.cl.msu.edu > > > > Return? > kaleidoscope.nubisci.net:guru% traceroute -Sn bantu.cl.msu.edu > traceroute to bantu.cl.msu.edu (35.8.3.18), 30 hops max, 40 byte packets > 1 192.168.0.1 0.571 ms 0.423 ms 0.446 ms (0% loss) > 2 198.109.166.193 3.420 ms * 3.549 ms (33% loss) > 3 * 35.12.51.1 3.435 ms * (66% loss) > 4 35.9.101.13 7.009 ms * 3.239 ms (33% loss) > 5 * 35.8.3.18 3.479 ms * (66% loss) Just wanted to make sure there was no DNS funkiness going on. > > Some comparitive tcpdump(8)s on the inner and outer interfaces would > > help too. > i'll be collecting that data shortly. anything in particular i should look for? Packets going in the inner interface and nothing coming out the other side as well as the reverse. Also watch the delay for in and out. -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message