IPNAT max static mapping hardcored?

gkullak at fi.uba.ar gkullak at fi.uba.ar
Mon Oct 4 13:43:23 PDT 2004

I come from iptables over Red Hat 7.3 in my cable connection(512Kbps).
This structure with 20 machines nated in my LAN. 3 machines are running
Overnet, this may be that we must redirect 6 port (1 TCP and 1 UDP for
each machine) for each Overnet machine. This work fine and transparent
proxy in the same machine work fine too.

 Internet ---> x.x.x.x(public address) | RH 7.3 |> LAN

Now, I have been installed FreeBSD 4.10 with ipfilter in RH7.3 position
instead, but when I start Overnet on FreeBSD and overnet in ONE machine of
the LAN, the FreeBSD crash.
What it mean crash? SSH is very slow to prompt for password, proxy
transparent may be work, may be no. If a put proxy setting in my IE
configuration, the thing work better.

Anybody tell my that in one .h C library, the ipfilter program define a
constant that fix the max static connection...this is really???

Actually, with ipnat -s, I see 780 mapping.
Is this number really high?

This do that I thing that ipfilter is designed for very small networks
with very network load.

What do you thing? I will try putting Red Hat again for test.



Gustavo Ariel Kullak
e-mail:gkullak at fi.uba.ar

More information about the freebsd-questions mailing list