Date: Tue, 10 May 2005 01:09:43 +0200 From: Frank de Bot <freebsd@searchy.nl> To: freebsd-questions@freebsd.org Subject: Re: ipfw + natd => some sites won't work :-S Message-ID: <427FEDB7.6000002@searchy.nl> In-Reply-To: <MIEPLLIBMLEEABPDBIEGEEHMHEAA.fbsd_user@a1poweruser.com> References: <MIEPLLIBMLEEABPDBIEGEEHMHEAA.fbsd_user@a1poweruser.com>
next in thread | previous in thread | raw e-mail | index | archive | help
The ipfw rules standing without any other rules and '65535 allow ip from any to any' as last rule give the same behaviour. So it's not a firewall case. The network layout is posted in my reaction to Emanuel. Sites I can't access are: www.tweakers.net www.fok.nl www.yahoo.com www.userfriendly.org www.thinkgeek.com Sites i CAN access: www.google.com www.gmail.com www.fastclick.net fbsd_user wrote: > > Seeing snippet of your firewall rules is not giving us enough info > to work on. > You have to post complete rule set because of the way rules are > processed. > > Also an explanation of your private network layout and how you > connect to the internet is needed. > > List sites you can not access. > > > -----Original Message----- > From: owner-freebsd-questions@freebsd.org > [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Frank de > Bot > Sent: Monday, May 09, 2005 6:42 PM > To: freebsd-questions@freebsd.org > Subject: ipfw + natd => some sites won't work :-S > > > Hi, > > I got my FreeBSD set up to do nat, but it doesn't work 100%. Sites > like > Google for instance does work, but many other don't. All other > protocols > seems to be working properly. But why are sites failing to do > anything? > I got running natd with the verbose option and successfull request > of > google is indentical to a random other site :S > The firewall I use is rather big. the most important piece is: > > 01200 723 652298 divert 8668 ip from any to 82.94.238.70 via > fxp0 > 01200 521 85279 divert 8668 ip from 10.0.5.0/24 to any > 01200 0 0 allow ip from any to 10.0.5.0/24 > 01201 524 85399 allow ip from 82.94.238.70 to any > 01201 3 144 allow ip from any to 82.94.238.70 > 01500 871494 216106437 allow tcp from any to any established > > > /etc/natd.conf is: > > alias_address %external_ip% > verbose > > > It just puzzles me why only some http request would fail and > everything > works fine! > Anyone got any idea? > > > Thanks in advanced, > > Frank de Bot > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > > > ------------------------------------------------------------------------ > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?427FEDB7.6000002>