From owner-freebsd-isp Wed Jul 21 10:57:48 1999 Delivered-To: freebsd-isp@freebsd.org Received: from three.overmind.ch (three.overmind.ch [194.191.120.154]) by hub.freebsd.org (Postfix) with ESMTP id 482E514D0F for ; Wed, 21 Jul 1999 10:57:43 -0700 (PDT) (envelope-from pajarola@cybertime.ch) Received: from tiamat.dlc.cybertime.ch (gw1-06.cybertime.ch [194.191.120.166]) by three.overmind.ch (8.9.3/8.9.3) with SMTP id TAA63837; Wed, 21 Jul 1999 19:57:26 +0200 (CEST) (envelope-from pajarola@cybertime.ch) Message-Id: <4.1.19990721194556.00addc40@mail.cybertime.ch> X-Sender: pajarola@shrike.overmind.ch X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1 Date: Wed, 21 Jul 1999 19:56:26 +0200 To: Paulo Fragoso From: Rico Pajarola Subject: Re: Changes from 2.2.6 to 3.2 Cc: freebsd-isp@freebsd.org In-Reply-To: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org If you get "sendto permission denied" you probably have your firewall not initialized correctly. Do 'ipfw l' and see if there are any rules besides '65535 deny ip from any to any' (and the divert rule for natd, of course). Make sure you have firewall_enable="YES" in rc.conf. If you only want nat, and don't need any special firewall functionality (besides divert for natd), you can set firewall_type='open' (also in rc.conf). If you need more, get a book about firewalls, or search the archives, there has been a discussion about firewalls recently. --Rico At 14:29 21.07.99 -0300, you wrote: >Hi, > >I was using freebsd 2.2.6 with natd to change my out ip number. I try >upgrade (with other HD) to 3.2-release using same rc.firewal and flags for >natd. I can't send out packets by translated interface. For example using >ping it returns this error: "sendto permission denied". > >Are there any change related with this? > >I'm using natd to translate 192.168.200.3 to aaa.aaa.aaa.100, because >other e-mail server can contact to aaa.aaa.aaa.100, but can't contact >192.168.200.3. > > > FreeBSD > aaa.aaa.aaa.100 Router 192.168.200.3 internet > ---------------- WebServer --------------------------- router --> > E-mail 192.168.200.254 > natd > etc. > >Using 2.2.6 I can translate any from 192.168.200.3 to aaa.aaa.aaa.100, but >using 3.2 isn't working. > >Thanks, >Paulo. > >------ >" ... Overall we've found FreeBSD to excel in performace, stability, >technical support, and of course price. Two years after discovering >FreeBSD, we have yet to find a reason why we switch to anything else" > -David Filo, Yahoo! > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message