ipfw + natd => some sites won't work :-S

Frank de Bot ppi at searchy.net
Mon May 9 15:42:07 PDT 2005


Hi,

I got my FreeBSD set up to do NAT, but it doesn't work 100%. Sites like 
Google, for instance, do work, but many others don't. All other protocols 
seem to be working properly. But why are sites failing to do anything? 
I have natd running with the verbose option, and a successful request to 
Google is identical to a random other site :S
The firewall I use is rather big. The most important piece is:

01200     723    652298 divert 8668 ip from any to 82.94.238.70 via fxp0
01200     521     85279 divert 8668 ip from 10.0.5.0/24 to any
01200       0         0 allow ip from any to 10.0.5.0/24
01201     524     85399 allow ip from 82.94.238.70 to any
01201       3       144 allow ip from any to 82.94.238.70
01500  871494 216106437 allow tcp from any to any established


/etc/natd.conf is:

alias_address %external_ip%
verbose


It just puzzles me why only some HTTP requests would fail and everything 
works fine!
Anyone got any idea?


Thanks in advance,

Frank de Bot

