ipf and ipnat stopped working, no routing between nics.

Erik Norgaard norgaard at locolomo.org
Fri Mar 31 06:53:42 UTC 2006


Daniel A. wrote:
> Hi,
> I run a FreeBSD 6.0 at home in my closet.
> Yesterday, while I was linking IRCd services with a friend of mine, my router
> completely stopped routing any packets between the internal nic (sis0) and
> the external nic (rl0).
> The only thing that I can think of, which could have caused this, is that I
> ran ettercap on the server to diagnose why our servers wouldn't link. I did NOT
> run any ARP poisoning or DNS spoofing attacks on myself.
> But I didn't notice if the routing stopped at that point, or later, because I
> could always connect to my server, and the server could always connect to the
> internet. The situation is still the same.
> 
> I have tried to do
> - "ipf -Fa -f /etc/ipf.rules; ipnat -FC -f /etc/ipnat.rules" - Didn't help
> - "cd /etc/rc.d; ./ipfilter restart; ./ipnat restart" - Didn't help
> - Launch ettercap again and exit "cleanly" after telling it to stop sniffing.
> A tcpdump reveals that, indeed, no packets at all make it from sis0 to rl0.
> So my conclusion is that ipnat "forgot" how to route between the two
> interfaces.
> 
> Could anyone please give some pointers?

Did you check

# sysctl -a |grep forward

You should have

net.inet.ip.forwarding: 1
net.inet.ip.fastforwarding: 0
net.inet6.ip6.forwarding: 0

Erik
-- 
Ph: +34.666334818                                  web: www.locolomo.org
S/MIME Certificate: www.daemonsecurity.com/ca/8D03551FFCE04F06.crt
Subject ID:  9E:AA:18:E6:94:7A:91:44:0A:E4:DD:87:73:7F:4E:82:E7:08:9C:72
Fingerprint: 5B:D5:1E:3E:47:E7:EC:1C:4C:C8:3A:19:CC:AE:14:F5:DF:18:0F:B9
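
The check suggested in the reply above, as an added example that is not part of the original message: a POSIX shell function that reads sysctl output and reports which of the three forwarding knobs differ from the listed values or are absent. The function name check_forwarding and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original thread.
# Expected values are the three lines given in the reply.
EXPECTED='net.inet.ip.forwarding=1
net.inet.ip.fastforwarding=0
net.inet6.ip6.forwarding=0'

# check_forwarding (hypothetical helper): reads "name: value" lines in
# sysctl output format on stdin, prints one status line per expected knob,
# and returns the number of knobs that are missing or differ.
check_forwarding() {
    input=$(cat)
    bad=0
    for pair in $EXPECTED; do
        name=${pair%%=*}
        want=${pair#*=}
        # Exact match on the knob name, so a substring of another name never matches.
        got=$(printf '%s\n' "$input" |
            awk -F': ' -v n="$name" '$1 == n { print $2; exit }')
        if [ -z "$got" ]; then
            echo "MISSING  $name (expected $want)"
            bad=$((bad + 1))
        elif [ "$got" != "$want" ]; then
            echo "MISMATCH $name: $got (expected $want)"
            bad=$((bad + 1))
        else
            echo "OK       $name: $got"
        fi
    done
    return "$bad"
}

# Constructed sample: a host where IPv4 forwarding has been switched off.
SAMPLE='net.inet.ip.forwarding: 0
net.inet.ip.fastforwarding: 0
net.inet6.ip6.forwarding: 0'

# On the router itself: sysctl -a | grep forward | check_forwarding
printf '%s\n' "$SAMPLE" | check_forwarding || echo "knobs needing attention: $?"
```

On FreeBSD, gateway_enable="YES" in /etc/rc.conf is the setting that turns net.inet.ip.forwarding on at boot, so a mismatch on that knob is worth cross-checking there.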

