Date: Thu, 04 Oct 2001 08:31:33 -0400 From: "Robin P. Blanchard" <Robin_Blanchard@gactr.uga.edu> To: stable@freebsd.org Subject: ipfilter/ipnat question Message-ID: <3BBC56A5.CA8F47E4@gactr.uga.edu>
next in thread | raw e-mail | index | archive | help
every now and then in my ipflog i see that ipfilter has blocked packets from the internet destined for machines on my internal network: 01/10/2001 19:30:54.722906 3x dc0 @0:23 b 207.68.131.21,80 -> 192.168.0.126,1045 PR tcp len 20 1500 -A IN 01/10/2001 19:40:50.351123 dc0 @0:23 b 207.46.106.81,80 -> 192.168.0.126,1033 PR tcp len 20 1500 -A IN 02/10/2001 17:43:47.320547 50x dc0 @0:23 b 128.192.37.79,20 -> 192.168.0.126,1148 PR tcp len 20 1500 -A IN my question is: how is it that my internal IPs are getting to these hosts in the first place? shouldn't ipnat have taken care of that on the way out? ipnat.rules: map dc0 0/0 -> 0/32 proxy port ftp ftp/tcp map dc0 192.168.0.0/16 -> 0/32 proxy port ftp ftp/tcp map dc0 192.168.0.0/16 -> 0/32 portmap tcp/udp 40000:65000 map dc0 192.168.0.0/16 -> 0/32 -- ------------------------------------ Robin P. Blanchard IT Program Specialist Georgia Center for Continuing Ed. fon: 706.542.2404 fax: 706.542.6546 email: Robin_Blanchard@gactr.uga.edu ------------------------------------ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3BBC56A5.CA8F47E4>