From owner-freebsd-ipfw Mon Jan 17 19:37:15 2000
Delivered-To: freebsd-ipfw@freebsd.org
Received: from altair.origenbio.com (altair.origenbio.com [216.30.62.130])
    by hub.freebsd.org (Postfix) with ESMTP id DF3AC1503A
    for ; Mon, 17 Jan 2000 19:37:12 -0800 (PST)
    (envelope-from dmartin@origen.com)
Received: from origen.com (dubhe.origen [192.168.0.5])
    by altair.origenbio.com (8.9.3/8.9.3) with ESMTP id VAA07640;
    Mon, 17 Jan 2000 21:37:09 -0600 (CST)
    (envelope-from dmartin@origen.com)
Message-ID: <3883DFAC.9129CCBA@origen.com>
Date: Mon, 17 Jan 2000 21:36:12 -0600
From: Richard Martin
X-Mailer: Mozilla 4.6 [en] (WinNT; I)
X-Accept-Language: en
MIME-Version: 1.0
To: "Crist J. Clark"
Cc: freebsd-ipfw@FreeBSD.ORG
Subject: Re: loss of setup option in ipfw
References: <3882608D.E77903EE@origen.com> <20000117205243.A63571@cc942873-a.ewndsr1.nj.home.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-ipfw@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> > I cannot now use the 'setup' option for TCP packets.
>
> And the error message is...?

When this line is run

    /sbin/ipfw add pass tcp from any to {$oip} 25 setup

I get:

    ipfw: error: extraneous filename arguments

    usage: ipfw [options]
        [pipe] flush
        add [number] rule
        [pipe] delete number ...
        [pipe] list [number ...]
        [pipe] show [number ...]
        zero [number ...]

Continuing syntax suggestions from ipfw including established/setup
option. However, when the word 'setup' is dropped, the rule is added to
the set. Very puzzling, I get the same error when I try to load the
default rc.firewall script which came with the package. I am about ready
to set up another system and retrace my steps to see where the conflict
came in.

>
> > ************
> >
> > reply packets coming back to our LAN are addressed back to the
> > internal LAN IPs. I thought natd would give them the external IP
>
> The packets with addresses of your private address-space are leaking
> out onto the net? That should not be happening. How is natd configured
> and how is your network setup? What are your firewall rules?

the natd line is 2nd in the set after the flush command

    /sbin/ipfw add divert natd all from any to any via xl0

xl0 being the external NIC; vx0 the internal LAN

ps reports natd is running with the -n flag on xl0

--
Richard Martin
dmartin@origen.com

OriGen Biomedical      Tel: +1 512 474 7278
2525 Hartford Rd.      Fax: +1 512 708 8522
Austin, TX 78703       http://www.formed.net

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message