Fwd: ipnat and "ping" problem.
Maślanka Wojciech
wojciech.maslanka at gmail.com
Sat Dec 24 06:20:23 PST 2005
Im affraid that this solution dont work. :(
Any other idea??
Regards!
---------- Forwarded message ----------
From: Michal Mertl <mime at traveller.cz>
Date: 2005-12-24 11:20
Subject: Re: ipnat and "ping" problem.
To: Maślanka Wojciech <wojciech.maslanka at gmail.com>
Cc: Freebsd-questions <freebsd-questions at freebsd.org>
Maślanka Wojciech píše v pá 23. 12. 2005 v 23:07 +0100:
> This is my network:
> Internet---------------[rl0, 192.168.0.50_____10.0.0.1
> ,rl1]------------------[10.0.0.2]
> On 10.0.0.2 machine I cant ping any host in internet. I can ping only
> 10.0.0.1 and 192.168.0.50. :(
> Whats wrong??
>
>
>
> [/usr/src]#uname -a
> FreeBSD freebsd.mila10.6 6.0-RELEASE FreeBSD 6.0-RELEASE
>
>
> [/usr/src]#ipfstat -io
> pass out quick all
> pass in quick all
>
>
> [/usr/src]#ipnat -l
> List of active MAP/Redirect filters:
> map rl0 10.0.0.0/24 -> 192.168.0.50/32 proxy port ftp ftp/tcp
> map rl0 10.0.0.0/24 -> 192.168.0.50/32 portmap tcp/udp auto
> map rl0 10.0.0.0/24 -> 192.168.0.50/32
>
You need also
map rl0 10.0.0.0/24 -> 192.168.0.50/32 icmpidmap icmp 64000:65535
In the documentation of ipnat(5) there's written that for this to
reliably work you have to recompile the world with limited PID_MAX but
it works without it.
> List of active sessions:
> MAP 10.0.0.2 3610 <- -> 192.168.0.50 8666 [66.249.85.83 80]
> MAP 10.0.0.2 3609 <- -> 192.168.0.50 8665 [66.249.85.83 80]
> MAP 10.0.0.2 3608 <- -> 192.168.0.50 8664 [66.249.85.19 80]
> MAP 10.0.0.2 3607 <- -> 192.168.0.50 8663 [194.204.152.34 53]
> MAP 10.0.0.2 3606 <- -> 192.168.0.50 8662 [66.249.85.83 80]
>
Michal
More information about the freebsd-questions
mailing list