Date: Tue, 14 Jan 1997 08:42:15 +1100 (EDT) From: Darren Reed <avalon@coombs.anu.edu.au> To: tinguely@plains.nodak.edu (Mark Tinguely) Cc: chris@mail.bb.cc.wa.us, brian@awfulhak.demon.co.uk, hackers@FreeBSD.org Subject: Re: IPFILTER Message-ID: <199701132143.NAA07881@freefall.freebsd.org> In-Reply-To: <199701131951.NAA22684@plains.nodak.edu> from "Mark Tinguely" at Jan 13, 97 01:51:27 pm
next in thread | previous in thread | raw e-mail | index | archive | help
In some mail from Mark Tinguely, sie said: > > > in the FBSD box i have two network cards. > > fxp0 inet 208.8.136.10 > > fxp1 inet 10.16.14.1 > > > <deleted> > > when i ping 10.16.14.1 i get nothing. > > ping (and traceroute) uses ICMP not IP. ICMP is not rewritten in NAT rules. > get the Stevens book to see an example of UDP ping if you wish to use ping. ICMP is now (but it doesn't rewrite the headers in error packets). > Also, to get a successful remapping for IP application, be sure that you > turned on the IP forwarding on the NAT host (ie: > > sysctl -w net.inet.ip.forwarding=1 > > ). even better, for things like ftp which have address data in the TCP stream, use a proxy. Darren
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199701132143.NAA07881>