Re: MPD and client behind firewall
Tiago Cruz wrote: > I have a FreeBSD 6.0 running MPD server 3.18_3. > The MPD server works very good when I has _direct_ connected by > Internet. > > My problem is with one _client_ (Win XP) behind NAT from iptables. I > have to do some in my PF? > > In this case, I've tried do this (in iptables from client): > I believe it to be an IPTables and PF issue. Hints to bring along to the IPTables mailing lists: PPTP needs PPTP helper, _make sure_ the PPTP helper doesn't corrupt the PPTP ID. PF doesn't have really try to fix NAT issues by rewriting packets. There might be a PPTP proxy out there somewhere? -- Sten Daniel Sørsdal signature.asc Description: OpenPGP digital signature
Re: MPD and client behind firewall
Hello Sten, very thanks by your reply! On Wed, 2006-01-18 at 11:28 +0100, Sten Daniel Sørsdal wrote: > I believe it to be an IPTables and PF issue. What? Oh my god... So, what can I do in PF-side? My potential VPN users have the client configured in your notebook, and I think that they always will need to connect trough NAT (modem, routers, netfilter, pf...) and I will have always this problem? :-/ > Hints to bring along to the IPTables mailing lists: > PPTP needs PPTP helper, _make sure_ the PPTP helper doesn't corrupt the > PPTP ID. So, I think that I'll need modify my kernel/ netfilter... but this information I'll look at netfilter mailing, thank you! > PF doesn't have really try to fix NAT issues by rewriting packets. There > might be a PPTP proxy out there somewhere? Well, my server-side haven't NAT, the pptp is listen direct at internet. But, if I this pptp proxy solve my problem I'll create one :) Can you help me to do this? Very thanks! -- Tiago Cruz http://linuxrapido.org Linux User #282636 "The box said: Requires MS Windows or better, so I installed Linux" ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
em driver + VLAN's
Hi all, I'm having an interesting problem at the moment. I want to bridge between two cisco switches on trunk ports. Basically bridging vlans - if I bridge my two main interfaces it works fine if they are fxp, but not when I use em cards... Could this be related to the driver, or BSD in some way? Thanks Dave ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
pf: redirect packets from localhost
Short question: Is it possible to redirect packets from localhost with "rdr"? Regards, Sebastian Schwerdhoefer ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: em driver + VLAN's
On Wed, Jan 18, 2006 at 03:12:27PM +0200, Dave Raven wrote: D> Hi all, D> I'm having an interesting problem at the moment. I want to bridge D> between two cisco switches on trunk ports. Basically bridging vlans - if I D> bridge my two main interfaces it works fine if they are fxp, but not when I D> use em cards... D> D> Could this be related to the driver, or BSD in some way? This probably can. What FreeBSD version are you using? Can you please show ifconfig output and bridge configuration? -- Totus tuus, Glebius. GLEBIUS-RIPN GLEB-RIPE ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: MPD and client behind firewall
On Tue, Jan 17, 2006 at 03:52:00PM -0200, Tiago Cruz wrote: T> I have a FreeBSD 6.0 running MPD server 3.18_3. T> The MPD server works very good when I has _direct_ connected by T> Internet. T> T> My problem is with one _client_ (Win XP) behind NAT from iptables. I T> have to do some in my PF? T> T> In this case, I've tried do this (in iptables from client): T> T> # Allow forwarding from inside to out and vice versa T> iptables -A FORWARD -i $INTINT -s $LOCALNETWORK -j ACCEPT T> iptables -A FORWARD -o $INTINT -d $LOCALNETWORK -j ACCEPT T> T> # Allow pptpd connections (port 1723) T> iptables -t nat -A PREROUTING -i $EXTINT -p TCP --sport $PUBLICPORTS T> --dport 1723 -j ACCEPT T> iptables -t nat -A OUTPUT -o $EXTINT -p 47 -j ACCEPT T> iptables -A OUTPUT -o $EXTINT -p 47 -j ACCEPT T> iptables -A INPUT -i $EXTINT -p 47 -j ACCEPT T> T> But still don't woking. Somebody can help me? Follow the mpd.log: Masquarading GRE protocol, which is used by PPTP as transport, isn't simple. Not all NATs can do this. If you are going to server a lot of clients connecting from random places in the world, then you will face this problem time to time. Can you check whether iptables support NATing PPTP? -- Totus tuus, Glebius. GLEBIUS-RIPN GLEB-RIPE ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: em driver + VLAN's
FreeBSD 4.9 - char em_driver_version[] = "1.7.16"; I've tried multiple bridge configurations - from bridging just em0,em1 to bridging two vlan's attached to each card. Unfortunately I don't have access to the box at the moment - if its still necessary I will fetch the information tomorrow (ifconfig etc) To sum up its something like the following net.inet.ether.bridge_config=em0,em1 net.inet.ether.bridge=1 Or vlan0,vlan1 with: ifconfig vlan0 create ifconfig vlan1 create ifconfig vlan0 vlan 100 vlandev em0 ifconfig vlan1 vlan 100 vlandev em1 If I change to using fxp it immediately works.. Thanks for the help Dave -Original Message- From: Gleb Smirnoff [mailto:[EMAIL PROTECTED] Sent: 18 January 2006 04:59 PM To: Dave Raven Cc: freebsd-net@FreeBSD.org Subject: Re: em driver + VLAN's On Wed, Jan 18, 2006 at 03:12:27PM +0200, Dave Raven wrote: D> Hi all, D> I'm having an interesting problem at the moment. I want to bridge D> between two cisco switches on trunk ports. Basically bridging vlans - D> if I bridge my two main interfaces it works fine if they are fxp, but D> not when I use em cards... D> D> Could this be related to the driver, or BSD in some way? This probably can. What FreeBSD version are you using? Can you please show ifconfig output and bridge configuration? -- Totus tuus, Glebius. GLEBIUS-RIPN GLEB-RIPE ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: MPD and client behind firewall
On Wed, 2006-01-18 at 18:01 +0300, Gleb Smirnoff wrote: > Masquarading GRE protocol, which is used by PPTP as transport, isn't > simple. Not all NATs can do this. If you are going to server a lot > of clients connecting from random places in the world, then you will > face this problem time to time. So, I'll desist to use PPTP, because my clients are from random places. Many thanks for this information! > Can you check whether iptables support NATing PPTP? Yes, but with some limitations... Now, please, what can I do use on FreeBSD to my objectives? Very Thanks! Tiago Cruz http://linuxrapido.org Linux User #282636 "The box said: Requires MS Windows or better, so I installed Linux" ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: em driver + VLAN's
Dave Raven writes: | FreeBSD 4.9 - char em_driver_version[] = "1.7.16"; | | I've tried multiple bridge configurations - from bridging just em0,em1 to | bridging two vlan's attached to each card. Unfortunately I don't have access | to the box at the moment - if its still necessary I will fetch the | information tomorrow (ifconfig etc) | | To sum up its something like the following | net.inet.ether.bridge_config=em0,em1 | net.inet.ether.bridge=1 | | Or vlan0,vlan1 with: | ifconfig vlan0 create | ifconfig vlan1 create | ifconfig vlan0 vlan 100 vlandev em0 | ifconfig vlan1 vlan 100 vlandev em1 | | | If I change to using fxp it immediately works.. I think you will find you are bridging in promiscous mode and the HW VLAN stuff isn't there. You should try to bridge the vlan devices or disable the VLAN HW (driver hack). It works with the fxp0 since you are using SW VLAN so the HW part isn't grabing it. I've done the driver hack for some things I needed to do. Doug A. ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: em driver + VLAN's
On Wed, 18 Jan 2006, Doug Ambrisko wrote: Dave Raven writes: | FreeBSD 4.9 - char em_driver_version[] = "1.7.16"; | | I've tried multiple bridge configurations - from bridging just em0,em1 to | bridging two vlan's attached to each card. Unfortunately I don't have access | to the box at the moment - if its still necessary I will fetch the | information tomorrow (ifconfig etc) | | To sum up its something like the following | net.inet.ether.bridge_config=em0,em1 | net.inet.ether.bridge=1 | | Or vlan0,vlan1 with: | ifconfig vlan0 create | ifconfig vlan1 create | ifconfig vlan0 vlan 100 vlandev em0 | ifconfig vlan1 vlan 100 vlandev em1 | | | If I change to using fxp it immediately works.. I think you will find you are bridging in promiscous mode and the HW VLAN stuff isn't there. You should try to bridge the vlan devices or disable the VLAN HW (driver hack). It works with the fxp0 since you are using SW VLAN so the HW part isn't grabing it. I've done the driver hack for some things I needed to do. what about vlanhwtag (ifconfig) ? according to the em manpage it is disabled by default so this setup should work. -- Sten Spans "There is a crack in everything, that's how the light gets in." Leonard Cohen - Anthem ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: em driver + VLAN's
Sten Spans writes: | On Wed, 18 Jan 2006, Doug Ambrisko wrote: | > Dave Raven writes: | > | FreeBSD 4.9 - char em_driver_version[] = "1.7.16"; | > | | > | I've tried multiple bridge configurations - from bridging just em0,em1 to | > | bridging two vlan's attached to each card. Unfortunately I don't have access | > | to the box at the moment - if its still necessary I will fetch the | > | information tomorrow (ifconfig etc) | > | | > | To sum up its something like the following | > | net.inet.ether.bridge_config=em0,em1 | > | net.inet.ether.bridge=1 | > | | > | Or vlan0,vlan1 with: | > | ifconfig vlan0 create | > | ifconfig vlan1 create | > | ifconfig vlan0 vlan 100 vlandev em0 | > | ifconfig vlan1 vlan 100 vlandev em1 | > | | > | | > | If I change to using fxp it immediately works.. | > | > I think you will find you are bridging in promiscous mode and the | > HW VLAN stuff isn't there. You should try to bridge the vlan devices | > or disable the VLAN HW (driver hack). It works with the fxp0 since you | > are using SW VLAN so the HW part isn't grabing it. I've done the driver | > hack for some things I needed to do. | | what about vlanhwtag (ifconfig) ? | according to the em manpage it is disabled by default | so this setup should work. I'm not sure ... things have changed over time. Doug A. ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: em driver + VLAN's
On Jan 18, 2006, at 9:05 AM, Dave Raven wrote: FreeBSD 4.9 - char em_driver_version[] = "1.7.16"; I've tried multiple bridge configurations - from bridging just em0,em1 to bridging two vlan's attached to each card. Unfortunately I don't have access to the box at the moment - if its still necessary I will fetch the information tomorrow (ifconfig etc) To sum up its something like the following net.inet.ether.bridge_config=em0,em1 net.inet.ether.bridge=1 Or vlan0,vlan1 with: ifconfig vlan0 create ifconfig vlan1 create ifconfig vlan0 vlan 100 vlandev em0 ifconfig vlan1 vlan 100 vlandev em1 If I change to using fxp it immediately works.. Thanks for the help Dave Try adding: ifconfig em0 promisc ifconfig em1 promisc We found it was necessary in a few situations with em devices and bridging. ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: em driver + VLAN's
Thanks for the reply - I went down to the office to do exactly what you are suggesting and it worked fine - removed "em_enable_vlans(adapter);" Thanks all Dave -Original Message- From: Doug Ambrisko [mailto:[EMAIL PROTECTED] Sent: 18 January 2006 10:04 PM To: Dave Raven Cc: 'Gleb Smirnoff'; freebsd-net@freebsd.org Subject: Re: em driver + VLAN's Dave Raven writes: | FreeBSD 4.9 - char em_driver_version[] = "1.7.16"; | | I've tried multiple bridge configurations - from bridging just em0,em1 | to bridging two vlan's attached to each card. Unfortunately I don't | have access to the box at the moment - if its still necessary I will | fetch the information tomorrow (ifconfig etc) | | To sum up its something like the following | net.inet.ether.bridge_config=em0,em1 | net.inet.ether.bridge=1 | | Or vlan0,vlan1 with: | ifconfig vlan0 create | ifconfig vlan1 create | ifconfig vlan0 vlan 100 vlandev em0 | ifconfig vlan1 vlan 100 vlandev em1 | | | If I change to using fxp it immediately works.. I think you will find you are bridging in promiscous mode and the HW VLAN stuff isn't there. You should try to bridge the vlan devices or disable the VLAN HW (driver hack). It works with the fxp0 since you are using SW VLAN so the HW part isn't grabing it. I've done the driver hack for some things I needed to do. Doug A. ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Changing time causes ipv6 panics
> On Sun, 15 Jan 2006 19:44:38 -0500, > Kris Kennaway <[EMAIL PROTECTED]> said: > I ran ntpdate on an amd64 system with ipv6 enabled and a skewed clock > (ntpdate stepped it back by about an hour), and immediately got a > use-after-free panic in ifaddr. When I rebooted with memguard enabled > on this malloc type and retried, I got this panic upon changing the > date forward, then back, then forward again (also note the garbage > return data from ntpdate): Which version of FreeBSD are you using? JINMEI, Tatuya Communication Platform Lab. Corporate R&D Center, Toshiba Corp. [EMAIL PROTECTED] ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
