From owner-freebsd-isdn Fri Dec 15 12:13:46 2000 From owner-freebsd-isdn@FreeBSD.ORG Fri Dec 15 12:13:43 2000 Return-Path: Delivered-To: freebsd-isdn@freebsd.org Received: from mail.cs.tu-berlin.de (mail.cs.tu-berlin.de [130.149.17.13]) by hub.freebsd.org (Postfix) with ESMTP id C168D37B400 for ; Fri, 15 Dec 2000 12:13:42 -0800 (PST) Received: from nicky.cs.tu-berlin.de (mh@nicky.cs.tu-berlin.de [130.149.17.43]) by mail.cs.tu-berlin.de (8.9.3/8.9.3) with ESMTP id VAA23801 for ; Fri, 15 Dec 2000 21:13:10 +0100 (MET) Received: (from mh@localhost) by nicky.cs.tu-berlin.de (8.9.3/8.9.3) id VAA25599 for freebsd-isdn@freebsd.org; Fri, 15 Dec 2000 21:13:08 +0100 (MET) Date: Fri, 15 Dec 2000 21:13:04 +0100 From: Matthias Heidbrink To: freebsd-isdn@freebsd.org Subject: Firewall Problem with i4b 0.90.1 / FreeBSD 4.0 - Sample configuration? Message-ID: <20001215211303.C25371@nicky.cs.tu-berlin.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i Sender: owner-freebsd-isdn@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, I've got problems with getting my i4b working together with a firewall, dynamical IP addresses and NAT (Network Address Translation, "IP Masquerading"). If this sounds well-known to some of you: I asked for help about it half a year ago, but was not able to find a solution and gave up that time. Setup: - i4b 0.90.1, Teles S016.3 card - sppp via kernel ppp - Internet provider with dynamical IP addresses - The FreeBSD 4.0 "standard" firewall - FreeBSD natd - Firewall configuration "simple" from the default "/etc/rc.firewall" The problem seems to have to do with the combination of dynamical IP addresses and NAT. OK, probably it's not exactly i4b-specific, but I hope to find someone here who knows how to handle this problem or has a working sample configuration. When I start natd in verbose mode and start lynx (Ports 53 and 80 should be allowed), I get the following error message: -------- Out [UDP] [UDP] 0.0.0.0:1518 -> 195.88.140.15:53 aliased to [UDP] 0.0.0.0:1518 -> 195.88.140.15:53 natd: failed to write packet back: Permission denied ------- When I switch the firewall off leaving NAT running, everything seems to work like expected. Does someone of you have a similiar combination working and would send me a working example setup (rc.firewall, isdnd.rc and the sppp setup schript)? Ciao, Matthias -- Matthias Heidbrink E-Mail: Bundesratufer 12 Matthias_Heidbrink@b.maus.de 10555 Berlin, Germany mh@cs.tu-berlin.de Tel. +49-30-8536361 Mobil +49-179-3981150 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isdn" in the body of the message