Date:      Sun, 10 Jun 2001 00:19:03 -0400 (EDT)
From:      "Ian P. Thomas" <ipthomas_77@yahoo.com>
To:        freebsd-questions@freebsd.org
Subject:   natd failed to write packet back
Message-ID:  <200106100419.AAA00394@scraemondaemon.my.domain>

	I keep getting this message after implementing the firewall
described on freebsd.org for dial-up users with dynamic IPs.

natd failed to write packet back (Permission Denied)

It seems that nat is trying to work before the ppp connection is up.  Is this
correct, and is there any way to have natd wait a few seconds before
starting up at boot time?  Or does the Permission denied part have to do
with the firewall rules?

# set the firewall command
fwcmd="/sbin/ipfw"
# flush rules first
$fwcmd -f flush
# divert all packets to the tun interface
$fwcmd add divert natd all from any to any via tun0
# allow any data from the localhost
$fwcmd add allow ip from any to any via lo0
# allow any connections initiated by this host
$fwcmd add allow tcp from any to any out xmit tun0 setup
# allow established connections to remain open
$fwcmd add allow tcp from any to any via tun0 established
# reset ident packages, don't give out any info
$fwcmd add reset log tcp from any to any 113 in recv tun0
# allow outgoing requests to specific DNS servers
$fwcmd add allow udp from any to 207.217.120.83 53 out xmit tun0
# allow responses to DNS requests
$fwcmd add allow udp from 207.217.120.83 53 to any in recv tun0

	Thanks in advance.

Ian
