Date: Mon, 06 Aug 2001 19:38:30 -0500
From: David Kelly <dkelly@grumpy.dyndns.org>
To: "Scott Reese" <sreese@codysbooks.com>
Cc: "Nick Rogness" <nick@rogness.net>, freebsd-questions@FreeBSD.ORG
Subject: Re: natd[135]:failed to write packet back
Message-ID: <200108070038.f770cUx96672@grumpy.dyndns.org>
In-Reply-To: Message from "Scott Reese" <sreese@codysbooks.com> of "Mon, 06 Aug 2001 11:49:33 PDT." <033e01c11ea8$88787820$1800a8c0@borges>

"Scott Reese" writes:
>
> I don't think it's a Windows thing because the other machines on the network
> are off-line when the errors pop up (one is a Win2K box and the other is Mac
> laptop). They always show up at the same time every night: one at 3:07 AM
> and another at 3:09 AM. This happens whether or not the other computers are
> actually on. So, I'm not sure what the source/destination is and I guess
> that's really what I'm trying to find out. Any ideas?

If you have ipfw logging enabled try to correlate the /var/log/message
error with one in /var/log/security. The problem is a packet was given
to natd via divert but the re-written packet is denied by a firewall
rule.

Manually debug by manually adding from the keyboard "ipfw add NNNN log
deny ..." cloned rules in front of your non-logging deny rules.
Liberally probe the status with "ipfw -a list" and reset the counts
with "ipfw zero".

IMHO natd should be more verbose about the problem packet.

--
David Kelly N4HHE, dkelly@hiwaay.net
=====================================================================
The human mind ordinarily operates at only ten percent of its
capacity -- the rest is overhead for the operating system.
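The correlation suggested in the reply above, sketched as an added example (not part of the original message): it pairs each natd write failure in the messages log with ipfw deny entries logged in the security log within a few seconds. The log lines are constructed, and the ipfw log line layout, host name, rule numbers, addresses and year are assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample lines (not from the thread). Host name, rule numbers and
# addresses are invented; the ipfw log line layout is an assumption.
MESSAGES = """\
Aug  6 03:07:14 gw natd[135]: failed to write packet back (Permission denied)
Aug  6 03:09:02 gw natd[135]: failed to write packet back (Permission denied)
Aug  6 04:00:00 gw sshd[410]: Accepted password for admin from 192.168.0.24
"""
SECURITY = """\
Aug  6 01:15:40 gw /kernel: ipfw: 64000 Deny TCP 203.0.113.9:4021 192.168.0.1:23 in via ed0
Aug  6 03:07:14 gw /kernel: ipfw: 64900 Deny UDP 192.168.0.1:1047 203.0.113.53:53 out via ed0
Aug  6 03:09:03 gw /kernel: ipfw: 64900 Deny TCP 192.168.0.1:1051 203.0.113.25:25 out via ed0
"""

STAMP = re.compile(r"^(\w{3}\s+\d+\s[\d:]{8})\s+\S+\s+(.*)$")
IPFW = re.compile(r"ipfw: (\d+) Deny (\S+) (\S+) (\S+) (in|out) via (\S+)")

def stamped(text, year=2001):
    """Yield (datetime, message) per syslog line; syslog omits the year."""
    for line in text.splitlines():
        m = STAMP.match(line)
        if m:
            when = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            yield when, m.group(2)

def correlate(messages, security, window=2):
    """Pair each natd write failure with ipfw denies within `window` seconds."""
    denies = [(t, IPFW.search(msg)) for t, msg in stamped(security)]
    denies = [(t, m.groups()) for t, m in denies if m]
    report = []
    for t, msg in stamped(messages):
        if "natd[" in msg and "failed to write packet back" in msg:
            near = [d for dt, d in denies
                    if abs(dt - t) <= timedelta(seconds=window)]
            report.append((t.strftime("%H:%M:%S"), near))
    return report

if __name__ == "__main__":
    for when, hits in correlate(MESSAGES, SECURITY):
        for rule, proto, src, dst, direction, iface in hits:
            print(f"{when} natd failure <- rule {rule} denied "
                  f"{proto} {src} -> {dst} {direction} via {iface}")
```

A natd failure with no deny entry nearby points at a deny rule that lacks the log keyword, which is the case the cloned "log deny" rules are meant to expose.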