Date: Fri, 06 Apr 2012 16:29:32 -0400
From: Fbsd8 <fbsd8@a1poweruser.com>
To: FreeBSD Questions <freebsd-questions@freebsd.org>
Subject: ipfilter mystery
Message-ID: <4F7F522C.4040309@a1poweruser.com>

Running 9.0 and connecting to Time Warner for the first time.
I have a private LAN behind my 9.0 box.
I have made a real simple rule set and nat rule just to get a log of what is happening.

ipfilter rules. dc0 faces LAN, fxp0 faces public internet

pass in log quick on dc0 all
pass out log quick on dc0 all
#pass in quick on fxp0 from 10.2.0.1
pass in log quick on fxp0 all
pass out log quick on fxp0 all
pass in quick on lo0 all
pass out quick on lo0 all

nat rule

map fxp0 10.0.10.0/29 -> 0/32

Ipmon log

fxp0 @0:2 p 10.2.0.1,67 -> 255.255.255.255,68 PR udp len 20 328 IN bad broadcast
fxp0 @0:2 p 10.2.0.1,67 -> 255.255.255.255,68 PR udp len 20 328 IN bad broadcast
fxp0 @0:2 p 10.2.0.1,67 -> 255.255.255.255,68 PR udp len 20 328 IN bad broadcast
fxp0 @0:2 p 10.2.0.1,67 -> 255.255.255.255,68 PR udp len 20 328 IN bad broadcast
fxp0 @0:2 p 10.2.0.1,67 -> 255.255.255.255,68 PR udp len 20 384 IN bad broadcast
fxp0 @0:2 p 10.2.0.1,67 -> 255.255.255.255,68 PR udp len 20 384 IN bad broadcast
fxp0 @0:2 p 10.2.0.1,67 -> 255.255.255.255,68 PR udp len 20 328 IN bad broadcast
dc0 @0:1 p 10.0.10.1,55884 -> 209.18.47.61,53 PR udp len 20 61 IN
fxp0 @0:2 p 177.99.209.140,55884 -> 209.18.47.61,53 PR udp len 20 61 OUT NAT
fxp0 @0:2 p 209.18.47.61,53 -> 10.0.10.1,55884 PR udp len 20 95 IN bad NAT
dc0 @0:1 p 209.18.47.61,53 -> 10.0.10.1,55884 PR udp len 20 95 OUT bad
dc0 @0:1 p 10.0.10.1,55660 -> 209.18.47.61,53 PR udp len 20 64 IN
fxp0 @0:2 p 177.99.209.140,55660 -> 209.18.47.61,53 PR udp len 20 64 OUT NAT
dc0 @0:1 p 10.0.10.1,51926 -> 209.18.47.61,53 PR udp len 20 62 IN
fxp0 @0:2 p 177.99.209.140,51926 -> 209.18.47.61,53 PR udp len 20 62 OUT NAT
dc0 @0:1 p 10.0.10.1,58697 -> 209.18.47.61,53 PR udp len 20 61 IN
fxp0 @0:2 p 177.99.209.140,58697 -> 209.18.47.61,53 PR udp len 20 61 OUT NAT
fxp0 @0:2 p 209.18.47.61,53 -> 10.0.10.1,55660 PR udp len 20 80 IN bad NAT
dc0 @0:1 p 209.18.47.61,53 -> 10.0.10.1,55660 PR udp len 20 80 OUT bad
dc0 @0:1 p 10.0.10.1,49947 -> 209.18.47.61,53 PR udp len 20 64 IN
fxp0 @0:2 p 177.99.209.140,49947 -> 209.18.47.61,53 PR udp len 20 64 OUT NAT
fxp0 @0:2 p 209.18.47.61,53 -> 10.0.10.1,58697 PR udp len 20 77 IN bad NAT
dc0 @0:1 p 209.18.47.61,53 -> 10.0.10.1,58697 PR udp len 20 77 OUT bad
fxp0 @0:2 p 209.18.47.61,53 -> 10.0.10.1,51926 PR udp len 20 100 IN bad NAT
dc0 @0:1 p 209.18.47.61,53 -> 10.0.10.1,51926 PR udp len 20 100 OUT bad
dc0 @0:1 p 10.0.10.1,49901 -> 209.18.47.61,53 PR udp len 20 63 IN
fxp0 @0:2 p 177.99.209.140,49901 -> 209.18.47.61,53 PR udp len 20 63 OUT NAT
dc0 @0:1 p 10.0.10.1,59865 -> 209.18.47.61,53 PR udp len 20 66 IN
fxp0 @0:2 p 177.99.209.140,59865 -> 209.18.47.61,53 PR udp len 20 66 OUT NAT
fxp0 @0:2 p 209.18.47.61,53 -> 10.0.10.1,59865 PR udp len 20 82 IN bad NAT
dc0 @0:1 p 209.18.47.61,53 -> 10.0.10.1,59865 PR udp len 20 82 OUT bad
dc0 @0:1 p 10.0.10.1,53742 -> 209.18.47.61,53 PR udp len 20 71 IN
fxp0 @0:2 p 177.99.209.140,53742 -> 209.18.47.61,53 PR udp len 20 71 OUT NAT
fxp0 @0:2 p 209.18.47.61,53 -> 10.0.10.1,49947 PR udp len 20 116 IN bad NAT
dc0 @0:1 p 209.18.47.61,53 -> 10.0.10.1,49947 PR udp len 20 116 OUT bad
fxp0 @0:2 p 209.18.47.61,53 -> 10.0.10.1,49901 PR udp len 20 99 IN bad NAT
dc0 @0:1 p 209.18.47.61,53 -> 10.0.10.1,49901 PR udp len 20 99 OUT bad
fxp0 @0:2 p 209.18.47.61,53 -> 10.0.10.1,53742 PR udp len 20 120 IN bad NAT
dc0 @0:1 p 209.18.47.61,53 -> 10.0.10.1,53742 PR udp len 20 120 OUT bad
fxp0 @0:2 p 10.2.0.1,67 -> 255.255.255.255,68 PR udp len 20 328 IN bad broadcast
dc0 @0:1 p 10.0.10.1,1320 -> 69.147.83.34,80 PR tcp len 20 48 -S IN
fxp0 @0:2 p 177.99.209.140,1320 -> 69.147.83.34,80 PR tcp len 20 48 -S OUT NAT

10.0.10.1 is the laptop in the LAN.
10.2.0.1 is being sent by Time Warner.

I cannot understand why I am getting the "IN bad NAT".
The web page loaded OK on the LAN laptop.

I have been using ipfilter since release 3.2 and this is the first ISP I ever got this kind of problem with.
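
An added example, not part of the original message: a Python sketch that parses the ipmon lines shown in the log above, labels each record as a request or a reply, and tallies the trailing flag words per interface and direction. The field layout is inferred from the posted lines, and the function names (`parse`, `label_records`, `flag_summary`) are hypothetical.

```python
import re
from collections import Counter

# Field layout inferred from the posted log lines (an assumption, not ipmon documentation).
LINE = re.compile(
    r"(?P<iface>\S+) @(?P<group>\d+):(?P<rule>\d+) (?P<action>\S+) "
    r"(?P<src>[\d.]+),(?P<sport>\d+) -> (?P<dst>[\d.]+),(?P<dport>\d+) "
    r"PR (?P<proto>\S+) len (?P<hlen>\d+) (?P<len>\d+)"
    r"(?: -(?P<tcpflags>[A-Z]+))? (?P<dir>IN|OUT)(?P<flags>(?: \S+)*)$"
)

# Sample input: seven lines copied from the log in the message.
SAMPLE = """\
dc0 @0:1 p 10.0.10.1,55884 -> 209.18.47.61,53 PR udp len 20 61 IN
fxp0 @0:2 p 177.99.209.140,55884 -> 209.18.47.61,53 PR udp len 20 61 OUT NAT
fxp0 @0:2 p 209.18.47.61,53 -> 10.0.10.1,55884 PR udp len 20 95 IN bad NAT
dc0 @0:1 p 209.18.47.61,53 -> 10.0.10.1,55884 PR udp len 20 95 OUT bad
fxp0 @0:2 p 10.2.0.1,67 -> 255.255.255.255,68 PR udp len 20 328 IN bad broadcast
dc0 @0:1 p 10.0.10.1,1320 -> 69.147.83.34,80 PR tcp len 20 48 -S IN
fxp0 @0:2 p 177.99.209.140,1320 -> 69.147.83.34,80 PR tcp len 20 48 -S OUT NAT
"""

def parse(line):
    """Return the fields of one log line as a dict, or None if it does not match."""
    m = LINE.match(line.strip())
    if m is None:
        return None
    rec = m.groupdict()
    rec["flags"] = tuple(rec["flags"].split())  # words after IN/OUT, kept verbatim
    return rec

def label_records(text):
    """Mark a record 'reply' when it reverses the endpoints of an earlier record."""
    pending, records = set(), []
    for rec in filter(None, map(parse, text.splitlines())):
        if (rec["src"], rec["sport"], rec["dport"]) in pending:
            rec["kind"] = "reply"
        else:
            rec["kind"] = "request"
            pending.add((rec["dst"], rec["dport"], rec["sport"]))
        records.append(rec)
    return records

def flag_summary(text):
    """Count records per (kind, interface, direction, trailing flags)."""
    return Counter((r["kind"], r["iface"], r["dir"], r["flags"]) for r in label_records(text))

if __name__ == "__main__":
    for (kind, iface, direction, flags), n in sorted(flag_summary(SAMPLE).items()):
        print(n, kind, iface, direction, " ".join(flags) or "-")
```

Fed the full log, the summary shows at a glance which legs of each flow carry which flag words, without reading the lines pair by pair.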