From owner-freebsd-stable Mon Jul 19 5:44:19 1999 Delivered-To: freebsd-stable@freebsd.org Received: from fep9.mail.ozemail.net (fep9.mail.ozemail.net [203.2.192.103]) by hub.freebsd.org (Postfix) with ESMTP id 0DA7B15132; Mon, 19 Jul 1999 05:44:13 -0700 (PDT) (envelope-from c9710216@atlas.newcastle.edu.au) Received: from atlas.newcastle.edu.au (slnew55p58.ozemail.com.au [203.108.151.136]) by fep9.mail.ozemail.net (8.9.0/8.6.12) with ESMTP id WAA25915; Mon, 19 Jul 1999 22:42:40 +1000 (EST) Message-ID: <37931C99.7038563D@atlas.newcastle.edu.au> Date: Mon, 19 Jul 1999 22:39:53 +1000 From: obituary X-Mailer: Mozilla 4.6 [en] (X11; I; FreeBSD 4.0-CURRENT i386) X-Accept-Language: en MIME-Version: 1.0 To: Dag-Erling Smorgrav Cc: freebsd-current@FreeBSD.ORG, freebsd-stable@FreeBSD.ORG Subject: Re: Problem with cvsup References: <3791BFE4.D18901D3@atlas.newcastle.edu.au> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Dag-Erling Smorgrav wrote: > > obituary writes: > > If anyone can shed some light on my situation (or has experienced > > similar troubles themselves) I'd be most grateful to hear from you. > > You forgot to attach the output of 'ipfw -a l'. Ok, since my original post I've done a little more testing. The problem appears to be related to natd. If natd has been run at any time since booting, the problems occur. I compiled a fresh kernel on the firewall machine (3.2-RELEASE) without firewalling options. Everything worked fine -- I was able to cvsup the firewall box. I then recompiled with the firewalling options enabled, but set the firewall_type="open" and natd_enable="NO" in rc.conf. Once again, everything worked fine. I enabled natd to see if I could cvsup my other machine (4.0-CURRENT) and that's where the trouble started. I couldn't cvsup the CURRENT box *or* the firewall box after enabling natd. I couldn't even cvsup the firewall box after taking the divert rule out! Listing of ipfw -a l: 00100 16 1792 allow ip from any to any via lo0 00200 0 0 deny ip from any to 127.0.0.0/8 00300 1742 663154 divert 8668 ip from any to any via ppp0 65000 9023 1751445 allow ip from any to any 65535 0 0 deny ip from any to any List of options in my kernel: pseudo-device ether #Generic Ethernet pseudo-device loop #Network loopback device pseudo-device ppp 2 #Point-to-point protocol options PPP_BSDCOMP #PPP BSD-compress support options PPP_DEFLATE #PPP zlib/deflate/gzip support options IPFIREWALL #firewall options IPFIREWALL_VERBOSE #print information about # dropped packets options IPDIVERT The command I use for natd is: natd -dynamic -n ppp0 I've also tried the -m option, but it makes no difference. -jake (obituary) Powered by FreeBSD c9710216@atlas.newcastle.edu.au http://www.freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message