ipfw + http : apache
Martins Dzelde
dzelde at parks.lv
Fri May 2 05:35:13 PDT 2003
Probably, my description of the situation was ambiguous. On my little
network I have three computers A, B, and C :
A - FreeBSD box, where I have installed the daemons like natd, ipfw and
apache2, etc. This computer is connected to internet and is supposed to
share the connection for computers B & C
B,C - Windows boxes, uses the shared internet connection from the computer
A.
Then, if the ipfw is turned OFF, the boxes B & C cannot access Internet,
whereas from the box A I can access Internet as well as my apache2 web
pages. These web pages on box A I can access also from any other computer
connected to the Internet;
whereas, when I turn ON ipfw, Internet sharing works fine (meaning I can
browse the web from boxes A & B) but I cannot access those apache2 documents
on box A. I have tried to test, where does those packets go if I try access
the web page but all I get from 'ipfw -a list' is
> 00100 xxx xxx divert 8668 ip from any to any
> 00200 xxx xxx allow ip from any to any
> 65535 0 0 deny ip from any to any
which I understand as that those packets heading to my apache2 server on
port 80 are allowed to go and no traffic is denied... but I still cannot
access my web pages on the box A.
> Does natd(8) have the "deny_incoming" switch set?
>
> --
> Crist J. Clark | cjclark at alum.mit.edu
> | cjclark at jhu.edu>
> http://people.freebsd.org/~cjc/ | cjc at freebsd.org
It doesn't have the switch set. And I suppose it shouldn't be, should it?
> is NATD running?
>
> ps auxwww | grep natd
>
> Phil.
Yes, natd is running correctly.
Thank you for suggestions and, please, I would really appreaciate some more.
Martins.
More information about the freebsd-ipfw
mailing list