On 27/06/03 10:43 -0300, Han Hwei Woo wrote: > Is there any reason you are running both ipfw + ipfilter? Although they > probably should play nice together, it might be best not to tempt fate, > especially when you're experiencing problems. Also, are you using ipnat or > natd to perform NAT?
I tried taking IPDIVERT out of my kernel, but that killed NAT, so I had to revert to the old kernel. I'm still playing with it. I had been told that running both IPFIREWALL and IPDIVERT was unecessary. I am running natd to perform NAT (with the -dynamic flag). -j > > ----- Original Message ----- > From: "Jeremy Bingham" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Wednesday, June 25, 2003 4:16 PM > Subject: Re: NAT Dropping Internal Connection > > On 25/06/03 14:39 -0400, FBSD_User wrote: > > Sounds like hardware problem with the switch or hub on your LAN. > > Rebooting the machine makes the NAT stuff work again. Could the hub > still be a problem in that case? > > -j > > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] Behalf Of Jeremy > > Bingham > > Sent: Wednesday, June 25, 2003 2:25 PM > > To: [EMAIL PROTECTED] > > Subject: NAT Dropping Internal Connection > > > > I have a P-200 running 4.8-STABLE running as a NAT box at home. It > > runs > > well, except that periodically it will drop it's connection on the > > internal side of the network. The external interface still works, > > but the > > internal machines can't ping the NAT box at all and the NAT box > > can't > > ping the internal machines. > > > > I've looked through the mailing lists and google for hints why this > > might be happening, but I can't find anything. /var/log/messages > > also > > reveals nothing. Here are the relevant kernel options: > > > > options IPFIREWALL > > options IPFIREWALL_FORWARD > > options IPFIREWALL_DEFAULT_TO_ACCEPT > > options IPDIVERT > > options IPFILTER > > options IPSTEALTH > > options RANDOM_IP_ID > > options TCP_DROP_SYNFIN > > > > Would any of those cause the problem, or is there a kernel option > > that > > I'm accidentally leaving off? > > > > Thanks, > > > > -Jeremy Bingham > > > > > > ---------------------------------------------- > > /* You are not expected to understand this. */ > > > > Captain_Tenille > > http://www.satanosphere.com/ > > [EMAIL PROTECTED] > > > > -- > > ---------------------------------------------- > /* You are not expected to understand this. */ > > Captain_Tenille > http://www.satanosphere.com/ > [EMAIL PROTECTED] > -- ---------------------------------------------- /* You are not expected to understand this. */ Captain_Tenille http://www.satanosphere.com/ [EMAIL PROTECTED]
pgp00000.pgp
Description: PGP signature
