From owner-freebsd-stable Sun Apr 15 18: 3:55 2001 Delivered-To: freebsd-stable@freebsd.org Received: from veldy.net (w028.z064001117.msp-mn.dsl.cnc.net [64.1.117.28]) by hub.freebsd.org (Postfix) with ESMTP id E491D37B446 for ; Sun, 15 Apr 2001 18:03:48 -0700 (PDT) (envelope-from veldy@veldy.net) Received: from HP2500B (fuggle.veldy.net [64.1.117.28]) by veldy.net (Postfix) with SMTP id 58DD9BA51; Fri, 13 Apr 2001 14:11:32 -0500 (CDT) Message-ID: <010801c0c44c$e6c14bc0$3028680a@tgt.com> From: "Thomas T. Veldhouse" To: "Mike Murphree" Cc: "Gordon Tetlow" , References: <000701c0c431$09a2ce00$3028680a@tgt.com> <002b01c0c43b$95b2ee20$3028680a@tgt.com> <20010413134519.C23946@n4cnw.dyndns.org> Subject: Re: natd[232]: failed to write packet back (Permission denied) Date: Fri, 13 Apr 2001 14:06:52 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG named. Yes, you are correct, I found it a few minutes ago. I was not passing local traffic to the Internet. Funny though, named runs on the firewall machine and I was allowing its traffic. I monitored both interfaces with tcpdump and there was no traffic except for the occasional netbios stuff from the Windows machines. They didn't seem to trigger the messages though. Anyway --- all messages have ceased with the proper outgoing rules and stateful rules. Why does the default SIMPLE firewall in /etc/rc.firewall configure in such a way as to cause these messages to flood the logs? Tom Veldhouse veldy@veldy.net ----- Original Message ----- From: "Mike Murphree" To: "Thomas T. Veldhouse" Sent: Friday, April 13, 2001 1:45 PM Subject: Re: natd[232]: failed to write packet back (Permission denied) > > I've always got these messages because of firewall rules for outgoing > packets. If the firewall blocks it, you won't *see* any activity on > the LAN. Do you have anything like ntpd running that would be generating > outgoing packets? Or named? > > Mike > > On Fri, Apr 13, 2001 at 12:02:47PM -0500, Thomas T. Veldhouse wrote: > > As an addendum -- I get these messages even when there is NO activity on the > > LAN -- so natd is not even being used by any client. > > > > Tom Veldhouse > > veldy@veldy.net > > > > ----- Original Message ----- > > From: "Thomas T. Veldhouse" > > To: > > Sent: Friday, April 13, 2001 10:47 AM > > Subject: natd[232]: failed to write packet back (Permission denied) > > > > > > > Apr 13 10:47:37 fuggle natd[232]: failed to write packet back (Permission > > > denied) > > > Apr 13 10:47:46 fuggle last message repeated 4 times > > > Apr 13 10:47:47 fuggle su: veldy to root on /dev/ttyp0 > > > Apr 13 10:47:58 fuggle natd[232]: failed to write packet back (Permission > > > denied) > > > Apr 13 10:48:31 fuggle last message repeated 3 times > > > > > > > > > Can anybody explain what causes this? I have look through archive after > > > archive and have found many many reports of this problem, but no solution. > > > The closest I have come is a message that says to check the firewall rules > > > to see what is blocking packets passed back from natd. This cannot be it > > > because I have added rules after the natd divert to open everything and > > this > > > still occurs. > > > > > > Please help -- this fills logs and is a nuisance -- it has been a problem > > > ever since at least 4.1.1. > > > > > > Tom Veldhouse > > > veldy@veldy.net > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-stable" in the body of the message > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-stable" in the body of the message > > > > -- > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message