From owner-freebsd-questions  Mon Oct 19 23:23:10 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id XAA12709
          for freebsd-questions-outgoing; Mon, 19 Oct 1998 23:23:10 -0700 (PDT)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from ds9.dreamhaven.org (dt091n3e.san.rr.com [204.210.47.62])
          by hub.freebsd.org (8.8.8/8.8.8) with SMTP id XAA12704
          for <freebsd-questions@freebsd.org>; Mon, 19 Oct 1998 23:23:06 -0700 (PDT)
          (envelope-from data@dreamhaven.net)
Received: (qmail 443 invoked by uid 1010); 20 Oct 1998 06:22:41 -0000
Date: Mon, 19 Oct 1998 23:22:41 -0700 (PDT)
From: Bryce Newall <data@dreamhaven.net>
X-Sender: data@ds9.dreamhaven.org
To: Matt Prigge <prigge@bucknell.edu>
cc: FreeBSD Questions List <freebsd-questions@FreeBSD.ORG>
Subject: Re: More IPFW/natd trouble, but I'm close!
In-Reply-To: <088d01bdfbec$63c12d60$28735286@prigge.resnet.bucknell.edu>
Message-ID: <Pine.NEB.3.96.981019232102.437A-100000@ds9.dreamhaven.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Tue, 20 Oct 1998, Matt Prigge wrote:

> line referencing natd is not early enough in rc.firewall. all of your
> packets from the internal network are being forwarded before natd gets to
> change their network numbers (and no sane internet router will pass
> unregistered ip addresess). try putting "ipfw add divert natd all from any
> to any via vx0" right before "ipfw add 65000 pass all from any to any". If

You, my friend, are a genious!  That worked.  I did notice when I booted
my FreeBSD machine back up that the following message appeared in
/var/log/messages:

Oct 19 23:10:51 ds9 natd: failed to write packet back (No route to host)

I'm assuming that's probably because it was trying to talk to something
through vx0, which hadn't yet gotten its IP from the DHCP server.  Does
that sound about right?

Also, any ideas on how I could forward packets destined for a particular
hostname through my firewall and to the correct local host on my internal
network?

Thanks again for the help!

**********************************************************************
*       Bryce Newall       *       Email: data@dreamhaven.net        *
*               WWW: http://home.dreamhaven.net/~data                *
*       "Insanity takes its toll.  Please have exact change."        *
**********************************************************************


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message