Date: Wed, 11 Apr 2001 10:59:30 -0500 From: "Ryan VanMiddlesworth" <ryanvm@ci.richmond.in.us> To: <freebsd-questions@freebsd.org> Subject: IPNAT not working with SOME websites Message-ID: <000701c0c2a0$67333920$0401010a@RYANVM5300>
next in thread | raw e-mail | index | archive | help
This one really has me scratching my head. As easy as it is to reproduce I would think it would have been asked a million times, but Google and I can't even find it mentioned. So here goes: I have a dedicated Internet connection to a particular box running FreeBSD 4.2-STABLE that serves as a gateway. The box has two NICs - one to the Internet (208.196.36.248) and the other to my internal network (10.1.0.0/16). I have setup ipfilter and am using ipnat to masquerade the 10.1.0.0 addresses as the 208.196.36.248. Everything works fine for viewing 95% of all web sites, however certain sites (e.g. Hotmail, Yahoo, Gateway.com, etc.) ALWAYS timeout when viewing certain CGI generated pages. However, if I take the computer out of the 10.1.0.0 network and give it an Internet viewable address then it works fine. Following links doesn't cause a problem, just CGI - and not all CGI, just some. For instance, I can't even login to Hotmail - after putting in name and password it just times out after about 2 minutes. But I can fill out forms on most other web pages. Here are my ipnat rules: map ed0 10.1.0.0/16 -> 208.196.36.248/32 proxy port ftp ftp/tcp map ed0 10.1.0.0/16 -> 208.196.36.248/32 portmap tcp/udp 10000:40000 map ed0 10.1.0.0/16 -> 208.196.36.248/32 So, what am I doing wrong? I've setup masquerading on Linux a million times (using ipchains) and I've never had any problems like this. I'm am fairly certain it must be something I'm doing, just because it's such an easily reproducible problem that I can't believe no one has ever seen (and fixed) it. Thanks in advance, Ryan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000701c0c2a0$67333920$0401010a>