From owner-freebsd-stable  Thu Oct  4  5:32: 0 2001
Delivered-To: freebsd-stable@freebsd.org
Received: from mail.gactr.uga.edu (mail.gactr.uga.edu [128.192.37.21])
	by hub.freebsd.org (Postfix) with SMTP id D474E37B405
	for <stable@freebsd.org>; Thu,  4 Oct 2001 05:31:57 -0700 (PDT)
Received: (qmail 15702 invoked from network); 4 Oct 2001 12:30:54 -0000
Received: from qat.noc.nat (HELO gactr.uga.edu) ([10.10.100.125]) (envelope-sender <Robin?Blanchard@gactr.uga.edu>)
          by 0 (qmail-ldap-1.03) with SMTP
          for <stable@freebsd.org>; 4 Oct 2001 12:30:54 -0000
Message-ID: <3BBC56A5.CA8F47E4@gactr.uga.edu>
Date: Thu, 04 Oct 2001 08:31:33 -0400
From: "Robin P. Blanchard" <Robin_Blanchard@gactr.uga.edu>
X-Mailer: Mozilla 4.78 [en] (X11; U; Linux 2.2.12 i386)
X-Accept-Language: en
MIME-Version: 1.0
To: stable@freebsd.org
Subject: ipfilter/ipnat question
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-stable.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-stable>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-stable>
X-Loop: FreeBSD.ORG

every now and then in my ipflog i see that ipfilter has blocked packets
from the internet destined for machines on my internal network:

01/10/2001 19:30:54.722906 3x dc0 @0:23 b 207.68.131.21,80 ->
192.168.0.126,1045 PR tcp len 20 1500 -A IN
01/10/2001 19:40:50.351123 dc0 @0:23 b 207.46.106.81,80 ->
192.168.0.126,1033 PR tcp len 20 1500 -A IN
02/10/2001 17:43:47.320547 50x dc0 @0:23 b 128.192.37.79,20 ->
192.168.0.126,1148 PR tcp len 20 1500 -A IN


my question is: how is it that my internal IPs are getting to these
hosts in the first place? shouldn't ipnat have taken care of that on the
way out?

ipnat.rules:
map dc0 0/0 -> 0/32 proxy port ftp ftp/tcp
map dc0 192.168.0.0/16 -> 0/32 proxy port ftp ftp/tcp
map dc0 192.168.0.0/16 -> 0/32 portmap tcp/udp 40000:65000
map dc0 192.168.0.0/16 -> 0/32

-- 
------------------------------------
Robin P. Blanchard
IT Program Specialist
Georgia Center for Continuing Ed.
fon: 706.542.2404 fax: 706.542.6546
email: Robin_Blanchard@gactr.uga.edu
------------------------------------

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message