
RE: problems tracerouting from behind an openbsd NAT box



It's easier to upgrade the whole O/S... 3.4.16 removed many of the OpenBSD
customizations and at least for me won't compile cleanly into 2.8-stable.
3.4.16 has been merged into the 2.8-current tree but if you just roll the
kernel you will get out of sync with userland.  I have seen patches floating
around in some lists that will supposedly get 3.4.16 to compile into
stable.  Read the FAQ on upgrading...

-----Original Message-----
From: Generic Player
To: Josh Hoblitt
Sent: 2/28/01 7:50 PM
Subject: Re: problems tracerouting from behind an openbsd NAT box

Yes, you are right, that's the version I am using.  Is there a way I can
just upgrade ipf, not the whole system?

----- Original Message -----
From: "Josh Hoblitt" <Josh.Hoblitt@bbox.net>
To: "'Generic Player '" <generic@unitedtamers.com>
Cc: <misc@openbsd.org>
Sent: Monday, February 26, 2001 9:23 PM
Subject: RE: problems tracerouting from behind an openbsd NAT box


>
> Do an 'ipf -V'. My guess is that you're using 2.8-stable, which ships with
> 3.3.18.  This is a well known issue with 3.3.18.  If so you will need to
> upgrade to a newer version of ipf (3.4.16 is in 2.8-current).
>
> -Josh
>
> -----Original Message-----
> From: Generic Player
> To: misc@openbsd.org
> Sent: 2/26/01 5:14 PM
> Subject: problems tracerouting from behind an openbsd NAT box
>
> Ok, here's the setup.  OpenBSD 2.8 on a 486 with a wavelan card for the
> internet connection, and some NIC I had laying around for the ethernet
> connection.  It's doing NAT and not much else.  I have full internet
> connectivity from all machines behind the NAT box, except for this one
> issue with traceroutes.  Any traceroutes, from Windows or Linux machines
> behind the NAT box, will hit 192.168.0.1 (the OpenBSD box doing NAT),
> then the NAT box's default gateway, then everything afterwards times
> out.  Any ideas what I am doing wrong?  Here are my ipf.rules and
> ipnat.rules.
>
> /etc/ipf.rules:
>
> pass in from any to any
> pass out from any to any
>
> /etc/ipnat.rules:
>
> map wi0 192.168.0.0/24 -> 207.139.47.62/32 portmap tcp/udp 10000:60000
> map wi0 192.168.0.0/24 -> 207.139.47.62/32
>
> rdr wi0 207.139.47.62/32 port 21 -> 192.168.0.4 port 21
> rdr wi0 207.139.47.62/32 port 25 -> 192.168.0.4 port 25
> rdr wi0 207.139.47.62/32 port 80 -> 192.168.0.4 port 80
> rdr wi0 207.139.47.62/32 port 110 -> 192.168.0.4 port 110
> rdr wi0 207.139.47.62/32 port 143 -> 192.168.0.4 port 143
> rdr wi0 207.139.47.62/32 port 443 -> 192.168.0.4 port 443
>
> Any help is most appreciated
>
>