From owner-freebsd-isdn Fri Dec 15 12:50:14 2000 From owner-freebsd-isdn@FreeBSD.ORG Fri Dec 15 12:50:12 2000 Return-Path: Delivered-To: freebsd-isdn@freebsd.org Received: from post.webmailer.de (natmail2.webmailer.de [192.67.198.65]) by hub.freebsd.org (Postfix) with ESMTP id 09DD737B400 for ; Fri, 15 Dec 2000 12:50:11 -0800 (PST) Received: from bastion.localhost (p3E9E1515.dip.t-dialin.net [62.158.21.21]) by post.webmailer.de (8.9.3/8.8.7) with ESMTP id VAA18181; Fri, 15 Dec 2000 21:50:09 +0100 (MET) Received: from masterpc (master [192.168.0.1]) by bastion.localhost (8.11.1/8.11.1) with ESMTP id eBFKoTr73838; Fri, 15 Dec 2000 20:50:29 GMT Date: Fri, 15 Dec 2000 21:49:44 -0800 From: Boris X-Mailer: The Bat! (v1.46d) Personal Reply-To: Boris X-Priority: 3 (Normal) Message-ID: <30110732334.20001215214944@x-itec.de> To: Matthias Heidbrink Cc: freebsd-isdn@FreeBSD.ORG Subject: Re: Firewall Problem with i4b 0.90.1 / FreeBSD 4.0 - Sample configuration? In-reply-To: <20001215211303.C25371@nicky.cs.tu-berlin.de> References: <20001215211303.C25371@nicky.cs.tu-berlin.de> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-isdn@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello Matthias, Friday, December 15, 2000, 12:13:04 PM, you wrote: MH> Hi, MH> I've got problems with getting my i4b working together with a MH> firewall, dynamical MH> IP addresses and NAT (Network Address Translation, "IP MH> Masquerading"). MH> If this sounds well-known to some of you: I asked for help MH> about it half a year MH> ago, but was not able to find a solution and gave up that time. Maybe i can help you. MH> The problem seems to have to do with the combination of MH> dynamical IP addresses and NAT. MH> OK, probably it's not exactly i4b-specific, but I hope to find MH> someone here who knows how MH> to handle this problem or has a working sample configuration. MH> When I start natd in verbose mode and start lynx (Ports 53 and MH> 80 should be allowed), MH> I get the following error message: MH> -------- MH> Out [UDP] [UDP] 0.0.0.0:1518 -> 195.88.140.15:53 aliased to MH> [UDP] 0.0.0.0:1518 -> 195.88.140.15:53 MH> natd: failed to write packet back: Permission denied MH> ------- At first, what does "ipfw show" gives you for output if everything is enabled and if you get the permission denied? After clearing the rules, we go to step 2, and maybe we need to do a little tricky to reset the nat-daemon, but details later. -- Boris [MCSE, CNA] ................................................................... X-ITEC : Consulting * Programming * Net-Security * Crypto-Research ........: [PRIVATE ADDRESS:] : Boris Köster eMail koester@x-itec.de http://www.x-itec.de : Grüne 33-57368 Lennestadt Germany Tel: +49 (0)2721 989400 : 101 % PERFECTION - SECURITY - STABILITY - FUNCTIONALITY ........:.......................................................... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isdn" in the body of the message