On Fri, Jul 23, 2010 at 2:43 PM, Erik Norgaard wrote:
> On 23/07/10 18.58, alexus wrote:
>
>> i just did jail on public ip where i dont need to use ipnat, so
>> obviously that works fine no problem
>> not really what i wanted though but as a temporary fix its fine...
>
> With all respect, I think
On 23/07/10 18.58, alexus wrote:
i just did jail on public ip where i dont need to use ipnat, so
obviously that works fine no problem
not really what i wanted though but as a temporary fix its fine...
With all respect, I think you should start liking this solution, because
for all I understan
small update: i just re-build jail and again where I was...
so it seems like its not jail related issue
although ... I also tried new rdr rule but to resides on same
interface and that worked no problem...
i just did jail on public ip where i dont need to use ipnat, so
obviously that works fine n
On Tue, Jul 20, 2010 at 2:54 PM, Erik Norgaard wrote:
> On 20/07/10 20.07, alexus wrote:
>>
>> On Tue, Jul 20, 2010 at 12:57 PM, Erik Norgaard
>> wrote:
>> plan b is to run natd, but i'd rather run ipnat especially that ipnat
>> used to work before no problem!
>
> Maybe move away from what used t
alexus wrote:
On Tue, Jul 20, 2010 at 2:16 PM, Aiza wrote:
alexus wrote:
su-3.2# grep ^firewall /etc/rc.conf
firewall_enable="YES"
firewall_type="open"
su-3.2# grep ^ip /etc/rc.conf
ipfilter_enable="YES"
ipmon_enable="YES"
ipnat_enable="YES"
ipnat_flags="-d"
This is not good.
You are
On 20/07/10 20.43, alexus wrote:
On Tue, Jul 20, 2010 at 2:16 PM, Aiza wrote:
Just because 2 firewalls at same time didn't blow up in your face before,
sure don't mean they are working correctly. Thats one bad assumption to base
debugging on.
i never had any problem doing so, not that i'm s
On 20/07/10 20.07, alexus wrote:
On Tue, Jul 20, 2010 at 12:57 PM, Erik Norgaard wrote:
plan b is to run natd, but i'd rather run ipnat especially that ipnat
used to work before no problem!
Maybe move away from what used to work and towards what is working :)
Whichever you prefer, just stick
On Tue, Jul 20, 2010 at 2:16 PM, Aiza wrote:
> alexus wrote:
>>>
>>> su-3.2# grep ^firewall /etc/rc.conf
>>> firewall_enable="YES"
>>> firewall_type="open"
>>>
>>> su-3.2# grep ^ip /etc/rc.conf
>>> ipfilter_enable="YES"
>>> ipmon_enable="YES"
>>> ipnat_enable="YES"
>>> ipnat_flags="-d"
>>>
alexus wrote:
su-3.2# grep ^firewall /etc/rc.conf
firewall_enable="YES"
firewall_type="open"
su-3.2# grep ^ip /etc/rc.conf
ipfilter_enable="YES"
ipmon_enable="YES"
ipnat_enable="YES"
ipnat_flags="-d"
This is not good.
You are running 2 different firewalls at the same time.
comment out
f
On Tue, Jul 20, 2010 at 1:03 PM, Erik Norgaard wrote:
> On 20/07/10 18.37, alexus wrote:
>
>>> You are running 2 different firewalls at the same time.
>>> comment out
>>> firewall_enable="YES"
>>> firewall_type="open"
>>>
>>> and reboot your system.
>>
>> do you know that for a fact or you just gu
On Tue, Jul 20, 2010 at 12:57 PM, Erik Norgaard wrote:
> On 20/07/10 18.02, alexus wrote:
>>
>> On Mon, Jul 19, 2010 at 12:38 PM, Erik Norgaard
>> wrote:
>>>
>>> On 19/07/10 16.46, alexus wrote:
>>> Can't help you more, really, you need to investigate where packets are
>>> dropped, tcpdump is a g
On 20/07/10 18.37, alexus wrote:
You are running 2 different firewalls at the same time.
comment out
firewall_enable="YES"
firewall_type="open"
and reboot your system.
do you know that for a fact or you just guessing??
because first of all it worked before just fine with 2 firewalls
second i
On 20/07/10 18.02, alexus wrote:
On Mon, Jul 19, 2010 at 12:38 PM, Erik Norgaard wrote:
On 19/07/10 16.46, alexus wrote:
Can't help you more, really, you need to investigate where packets are
dropped, tcpdump is a great tool and the man-page is excelent, can't explain
it better, if you don't li
> su-3.2# grep ^firewall /etc/rc.conf
> firewall_enable="YES"
> firewall_type="open"
>
> su-3.2# grep ^ip /etc/rc.conf
> ipfilter_enable="YES"
> ipmon_enable="YES"
> ipnat_enable="YES"
> ipnat_flags="-d"
>
> This is not good.
> You are running 2 different firewalls at the same time.
> comme
alexus wrote:
On Mon, Jul 19, 2010 at 12:38 PM, Erik Norgaard wrote:
On 19/07/10 16.46, alexus wrote:
Use tcpdump, you should see if your rdr/map rules work as expected.
Also,
pfctl -ss and similar.
i don't know how to use tcpdump, can you provide exact syntax so i can
run
it?
The man-page i
On Mon, Jul 19, 2010 at 12:38 PM, Erik Norgaard wrote:
> On 19/07/10 16.46, alexus wrote:
>
> Use tcpdump, you should see if your rdr/map rules work as expected.
> Also,
> pfctl -ss and similar.
i don't know how to use tcpdump, can you provide exact syntax so i can
r
On 19/07/10 16.46, alexus wrote:
Use tcpdump, you should see if your rdr/map rules work as expected. Also,
pfctl -ss and similar.
i don't know how to use tcpdump, can you provide exact syntax so i can run
it?
The man-page is excelent.
tried that, unfortunately not really sure what am i doing
On Sat, Jul 17, 2010 at 7:51 AM, Erik Norgaard wrote:
> On 16/07/10 02.56, alexus wrote:
>
> su-3.2# cat /etc/ipnat.rules
> map fxp0 lama -> 0/32
> rdr fxp0 64.52.58.58 port ssh -> lama port ssh tcp
>>>
>>> What's that first rule supposed to do?
>>
>> provides a NAT within jail
>
On 16/07/10 02.56, alexus wrote:
su-3.2# cat /etc/ipnat.rules
map fxp0 lama ->0/32
rdr fxp0 64.52.58.58 port ssh ->lama port ssh tcp
What's that first rule supposed to do?
provides a NAT within jail
Just guessing, try to put the rdr rule first. Another thing, the
firewall/nat may
On Thu, Jul 15, 2010 at 6:55 PM, Erik Norgaard wrote:
> On 15/07/10 21.17, alexus wrote:
>>
>> On Wed, Jul 14, 2010 at 10:32 PM, alexus wrote:
>>>
>>> I can't put my mind around it, before reboot I was able to ssh in from
>>> outside to my jail and right now I can't!
>
> What did you change?
as
On 15/07/10 21.17, alexus wrote:
On Wed, Jul 14, 2010 at 10:32 PM, alexus wrote:
I can't put my mind around it, before reboot I was able to ssh in from
outside to my jail and right now I can't!
What did you change?
su-3.2# cat /etc/ipnat.rules
map fxp0 lama -> 0/32
rdr fxp0 64.52.58.58 por
On Wed, Jul 14, 2010 at 10:32 PM, alexus wrote:
> I can't put my mind around it, before reboot I was able to ssh in from
> outside to my jail and right now I can't!
> I even rebuild the whole system and even that didn't help:(
> anyone have any ideas?
>
> su-3.2# cat /etc/ipnat.rules
> map fxp0 la
I can't put my mind around it, before reboot I was able to ssh in from
outside to my jail and right now I can't!
I even rebuild the whole system and even that didn't help:(
anyone have any ideas?
su-3.2# cat /etc/ipnat.rules
map fxp0 lama -> 0/32
rdr fxp0 64.52.58.58 port ssh -> lama port ssh tcp
23 matches
Mail list logo
