Date:      Wed, 29 Jan 1997 15:47:14 -0800 (PST)
From:      Archie Cobbs <archie@whistle.com>
To:        brian@awfulhak.demon.co.uk (Brian Somers)
Cc:        archie@whistle.com, terry@lambert.org, ari.suutari@ps.carel.fi, hackers@freebsd.org, cmott@srv.net
Subject:   Re: ipdivert & masqd
Message-ID:  <199701292347.PAA25117@bubba.whistle.com>
In-Reply-To: <199701292330.XAA14485@awfulhak.demon.co.uk> from Brian Somers at "Jan 29, 97 11:30:52 pm"

> Not exactly - on my machine, there are two problems (3.0-current).  The
> machine that's doing the masquerading is 10.0.1.254.
> 
> 1.  When I do a tcp setup from 10.0.1.254 to 10.0.1.1, the packet goes out
>     ok, 10.0.1.1 receives it and replies (netstat shows ESTABLISHED).
>     Masqd/natd receives the packet, fixes it and re-injects it.... then,
>     all of a sudden, nothing happens.  After a long wait, nothing continues
>     to happen :(  It's as if the ip_sum is wrong, but I don't believe that
>     yet as it works ok when there are two divert sockets involved.
> 
> 2.  When a ping is sent from 10.0.1.1 to 10.0.1.254, the incoming icmp
>     packet is picked up by masqd/natd, fondled and re-injected.  That's
>     *all* that masqd/natd sees.  However, 10.0.1.1 gets an ICMP reply.

Hmmm.. a couple of questions, trying to understand the setup. Sorry if
this is starting to get tiring... :-)

 - What is your network topology (ASCII art if possible)? That is,
   what IP interfaces are on what networks with what addresses assigned?

 - What are the ipfw rules that are installed on the diverting machine?

 - Why are any packets having their IP addresses remapped if the two
   machines (at 10.0.1.254 and 10.0.1.1) are on the same subnet?

Also, if netstat shows ESTABLISHED (on either end), then at least
one packet must have successfully made it across in both directions,
due to the TCP handshaking involved in getting to that state.

Thanks,
-Archie

___________________________________________________________________________
Archie Cobbs   *   Whistle Communications, Inc.  *   http://www.whistle.com


