ipf and ipnat stopped working, no routing between nics.

Daniel A. ldrada at gmail.com
Fri Mar 31 11:27:54 UTC 2006


Hi,
I rebooted my machine last night, and everything started working again.
But no, I didn't check that. And after I was looking at some sysctls
late last night, I did speculate about whether those you mention were
right or not.

Problem resolved, and thanks for the help :)


ps. Sorry I accidentally spammed the list. It didn't seem as if my
emails went through at the time.

On 3/31/06, Erik Norgaard <norgaard at locolomo.org> wrote:
> Daniel A. wrote:
> > Hi,
> > I run a FreeBSD 6.0 at home in my closet.
> > Yesterday, while I was linking IRCd services with a friend of mine, my router
> > completely stopped routing any packets between the internal nic (sis0) and
> > the external nic (rl0).
> > The only thing that I can think of, which could have caused this, is that I
> > ran ettercap on the server to diagnose why our servers wouldn't link. I did NOT
> > run any ARP poisoning or DNS spoofing attacks on myself.
> > But I didn't notice if the routing stopped at that point, or later, because I
> > could always connect to my server, and the server could always connect to the
> > internet. The situation is still the same.
> >
> > I have tried to do
> > - "ipf -Fa -f /etc/ipf.rules; ipnat -FC -f /etc/ipnat.rules" - Didn't help
> > - "cd /etc/rc.d; ./ipfilter restart; ./ipnat restart" - Didn't help
> > - Launch ettercap again and exit "cleanly" after telling it to stop sniffing.
> > A tcpdump reveals that, indeed, no packets at all make it from sis0 to rl0.
> > So my conclusion is that ipnat "forgot" how to route between the two
> > interfaces.
> >
> > Could anyone please give some pointers?
>
> did you check
>
> # sysctl -a |grep forward
>
> you should have
>
> net.inet.ip.forwarding: 1
> net.inet.ip.fastforwarding: 0
> net.inet6.ip6.forwarding: 0
>
> Erik
> --
> Ph: +34.666334818                                  web: www.locolomo.org
> S/MIME Certificate: www.daemonsecurity.com/ca/8D03551FFCE04F06.crt
> Subject ID:  9E:AA:18:E6:94:7A:91:44:0A:E4:DD:87:73:7F:4E:82:E7:08:9C:72
> Fingerprint: 5B:D5:1E:3E:47:E7:EC:1C:4C:C8:3A:19:CC:AE:14:F5:DF:18:0F:B9
>

