IPNAT/Slow TCP/Pings fine/4.8-REL

Larry Rosenman ler at lerctr.org
Tue Oct 14 11:50:04 PDT 2003 


--On Tuesday, October 14, 2003 11:40:57 -0700 DavidB 
<odyseus00 at whatistruth.net> wrote:

> Larry Rosenman wrote:

>
> If you would post this to freebsd-questions you would probably get better
> service, since it is most likely a configuration issue.
I did post to -questions as well.
>
> And yes, it is my understanding that IPDIVERT is not needed for IPFILTER
> and ipnat. anyone?
Yes, I've verified it.
>
> the rc.conf  gateway_enable option and setting the sysctl forwarding
> option do the same thing, someone more knowledgeable can answer to that
> one.  Oh, I just checked it sets the forwarding but not fastforwarding.
> So you need either method you choose, both is redundant.
Wasn't sure about that. Thanks.
>
> You are not very descriptive: can ping?  ping [ip.num.for.localhost] or
> ping [ip.num.for.externalhost] or ping [host.domain.tld]
ping local, ping external-ip, ping name.of.external all work.
>
> apparently do name lookups??  are you getting good results from
> nslookup www.abcnews.com or such?
host www.lerctr.org works (from a non-auth resolver for it).
>
> I think there is a top like command line option for ipfilter you can use
> to see what ipfilter is doing, but I am not sure if it is helpful with
> ipnat.
Didn't seem to get it.  I did do a ipnat -l and SAW THE TRANSLATION.

I also could telnet to the same destination from directly on the
fw/router box, and saw the session. :-(

>
> posting to questions instead, I think is appropriate.
Will follow-up there.


>
> Have a good day,
Thanks!
> David
>
>
>
>
>
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
>



-- 
Larry Rosenman                     http://www.lerctr.org/~ler
Phone: +1 972-414-9812                 E-Mail: ler at lerctr.org
US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20031014/b304e74a/attachment.bin

More information about the freebsd-questions mailing list