--On Monday, October 13, 2003 14:03:59 -0700 Chris Pressey <[EMAIL PROTECTED]> wrote:
On Mon, 13 Oct 2003 00:19:54 -0500 Larry Rosenman <[EMAIL PROTECTED]> wrote:
I was trying(!) to help a friend out, and built a 4.8-REL box to play Router/NAT and it's ALMOST working. I can't seem to telnet/surf from NAT'd addresses, but PING works fine. [...] What am I missing? What else do you/I need?
This was with the ipfilter ipnat. I tried ipfw, and had the IPDIVERT and the same symptoms.
What's got me is the fact that I can PING, and apparently do DNS lookups, but TCP just doesn't. :-(
LER
THanks for any QUICK replies!
"options IPDIVERT" in your kernel config...?
-Chris _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
If you would post this to freebsd-questions you would probably get better service, since it is most likely a configuration issue.
And yes, it is my understanding that IPDIVERT is not needed for IPFILTER and ipnat. anyone?
the rc.conf gateway_enable option and setting the sysctl forwarding option do the same thing, someone more knowledgeable can answer to that one. Oh, I just checked it sets the forwarding but not fastforwarding.
So you need either method you choose, both is redundant.
You are not very descriptive: can ping? ping [ip.num.for.localhost] or ping [ip.num.for.externalhost] or ping [host.domain.tld]
apparently do name lookups?? are you getting good results from nslookup www.abcnews.com or such?
I think there is a top like command line option for ipfilter you can use to see what ipfilter is doing, but I am not sure if it is helpful with ipnat.
posting to questions instead, I think is appropriate.
Have a good day, David
_______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
