Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 21 Jul 1999 19:56:26 +0200
From:      Rico Pajarola <pajarola@cybertime.ch>
To:        Paulo Fragoso <paulo@nlink.com.br>
Cc:        freebsd-isp@freebsd.org
Subject:   Re: Changes from 2.2.6 to 3.2
Message-ID:  <4.1.19990721194556.00addc40@mail.cybertime.ch>
In-Reply-To: <Pine.BSF.3.96.990721140945.27451E-100000@mirage.nlink.com. br>
next in thread | previous in thread | raw e-mail | index | archive | help 
If you get "sendto permission denied" you probably have your firewall not
initialized correctly. Do 'ipfw l' and see if there are any rules besides
'65535 deny ip from any to any' (and the divert rule for natd, of course).
Make sure you have firewall_enable="YES" in rc.conf. If you only want nat,
and don't need any special firewall functionality (besides divert for
natd), you can set firewall_type='open' (also in rc.conf). If you need
more, get a book about firewalls, or search the archives, there has been a
discussion about firewalls recently.

--Rico

At 14:29 21.07.99 -0300, you wrote:
>Hi,
>
>I was using freebsd 2.2.6 with natd to change my out ip number. I try
>upgrade (with other HD) to 3.2-release using same rc.firewal and flags for
>natd. I can't send out packets by translated interface. For example using
>ping it returns this error: "sendto permission denied".
>
>Are there any change related with this?
>
>I'm using natd to translate 192.168.200.3 to aaa.aaa.aaa.100, because
>other e-mail server can contact to aaa.aaa.aaa.100, but can't contact
>192.168.200.3.
>
>
>                  FreeBSD
> aaa.aaa.aaa.100  Router    192.168.200.3               internet
> ---------------- WebServer --------------------------- router   -->
>                  E-mail                192.168.200.254
>                  natd
>                  etc.
>
>Using 2.2.6 I can translate any from 192.168.200.3 to aaa.aaa.aaa.100, but
>using 3.2 isn't working.
>
>Thanks,
>Paulo.
>
>------
>"  ... Overall we've found FreeBSD to excel in performace, stability,
>technical support, and of course price. Two years after discovering
>FreeBSD, we have yet to find a reason why we switch to anything else"
>						-David Filo, Yahoo!
>
>
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-isp" in the body of the message



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.1.19990721194556.00addc40>