Hello,
Approximately 90%-95% of file transfers during portupgrade result in the error message "No route to Host". If the file in question resides only on an ftp site, I disable the firewall in order to transfer the file in.

Yesterday, I resorted to commenting out the second of three IPNAT Rules in my /etc/ipnat.rules file, modeled after the Handbook version in section 25.5.21.1, and was able to complete the upgrade. Not sure I would recommend this procedure, however... My rules follow:

 This rule will handle all the traffic for the internal LAN:
 map tun0 192.168.1.0/24 -> 0/32 proxy port 21 ftp/tcp

 This rule handles the FTP traffic from the gateway:
 map tun0 0.0.0.0/0 -> 0/32 proxy port 21 ftp/tcp

 This rule handles all non-FTP traffic from the internal LAN:
 map tun0 192.168.1.0/24 -> 0/32


If I was reading Ethereal correctly, packets/data returning from the ftp site made it to the gateway, 192.168.1.254, but couldn't make it to the host, 192.168.1.15. The message was something like, "Host unreachable".

Admittedly, I have little knowledge or expertise in this matter and would appreciate your suggestions to help resolve this issue. Do my rules follow protocol? Are they accurate?

I built my IPF Firewall using the Handbook and reviewed most, if not all, of the recommended websites for more assistance and understanding.

Thanks,
Bob

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
