From owner-freebsd-small Thu Sep 7 14:36:33 2000 Delivered-To: freebsd-small@freebsd.org Received: from ns1.sunesi.net (ns1.sunesi.net [196.15.192.194]) by hub.freebsd.org (Postfix) with ESMTP id 6FF8737B422 for ; Thu, 7 Sep 2000 14:36:30 -0700 (PDT) Received: from nbm by ns1.sunesi.net with local (Exim 3.03 #1) id 13X9LF-000CDJ-00; Thu, 07 Sep 2000 23:36:17 +0200 Date: Thu, 7 Sep 2000 23:36:17 +0200 From: Neil Blakey-Milner To: Tim O'Neil Cc: freebsd-small@freebsd.org Subject: Re: PicoBSD build request Message-ID: <20000907233617.A46922@mithrandr.moria.org> References: <4.3.2.7.2.20000907070627.00b18270@mail.flashcom.net> <200009071418.QAA28992@info.iet.unipi.it> <4.3.2.7.2.20000907094231.00e09ab0@mail.flashcom.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0.1i In-Reply-To: <4.3.2.7.2.20000907094231.00e09ab0@mail.flashcom.net>; from bwana@flashcom.net on Thu, Sep 07, 2000 at 09:56:35AM -0700 Organization: Sunesi Clinical Systems X-Operating-System: FreeBSD 3.3-RELEASE i386 X-URL: http://rucus.ru.ac.za/~nbm/ Sender: owner-freebsd-small@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu 2000-09-07 (09:56), Tim O'Neil wrote: > >I still think that the gap between ipfw and ipfilter is reducing. > >We have stateful inspection now, and the other features (natd, what > To answer your first question; "motivations", the deal was this: > I have an ISP that is using fishy routers (either dhcp assigned ips, > or something, its been a while) to serve my segment of their network. > I couldn't get ipfw to work at all, it would write a cryptic message > to the syslog, something about the ip subsystem couldn't "write the > packet back." You were doing NAT? Was it natd or the kernel complaining? I suspect natd. It just means the translated packet didn't pass the firewall rules. Neil -- Neil Blakey-Milner Sunesi Clinical Systems nbm@mithrandr.moria.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-small" in the body of the message