From: Ari Suutari
To: "'Archie Cobbs'", Brian Somers
Cc: "hackers@freebsd.org", "cmott@srv.net"
Subject: RE: ipdivert & masqd
Date: Wed, 29 Jan 1997 09:32:31 +0200
Message-Id: <01BC0DC7.5A8AF380@sodium.ps.carel.fi>

Hi everyone,

I had these problems with the latest 2.2-SNAP release and maybe, just maybe, with 2.2-ALPHA. It was quite simple to reproduce the problem - it occurred every time I opened a TCP connection from the same machine that natd was running on. Everything works well if packets come from a different interface and are routed to another.

I did some investigations in the kernel land (not being any expert on that), but it seemed like the ip_divert_ignore flag was still set (from processing an outgoing packet) when an incoming packet arrived. I used tcpdump and natd (in verbose mode) at the same time initially to figure out that the problem exists.

To set up a testing environment with natd, one could say something like:

    ipfw flush
    ipfw add divert 32000 ip from any to any via your-if-name
    ipfw add pass ip from any to any
    natd -i 32000 -o 32001 -a your-if-address -v

The port 32001 here is a dummy - it is required by the current code in natd. However, it is quite harmless, since no packets are diverted to that port with this setup.

Hope this helps,

Ari S.

-----Original Message-----
From: Archie Cobbs [SMTP:archie@whistle.com]
Sent: 29 January 1997 4:18
To: Brian Somers
Cc: hackers@freebsd.org; ari.suutari@ps.carel.fi; cmott@srv.net
Subject: Re: ipdivert & masqd

> On investigation, he's correct. Tcp & udp return setup packets coming into
> the machine with masqd running seem to disappear - masqd sees them, but when
> it injects them back into the divert socket they disappear (the app never
> sees them).
>
> This shows itself when you try to initiate a tcp/udp connection through the
> divert sockets from the machine running masqd.... a timeout occurs. However,
> machines that are having packets forwarded through the masqd machine are fine.
> I'll have a look at the divert code and see if I can come up with anything
> interesting.

Under which version(s) of FreeBSD are you guys having this problem? I'm trying to track it down...

Thanks,
-Archie

___________________________________________________________________________
Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com