Re: ipf/ipnat behavior

To: paul%whooppee.com@localhost
Subject: Re: ipf/ipnat behavior
From: Darren Reed <darrenr%netbsd.org@localhost>
Date: Mon, 02 Jun 2008 04:20:55 -0700

Paul Goyette wrote:

On Mon, 2 Jun 2008, Darren Reed wrote:
Are there any signs that ipfilter is blocking things?
Like does "ipfstat" show increasing numbers for blocked things?
or NAT failures or...?
ipfstat does not show any blocked packets, which you would thinkexonerates ipfilter. (I posted the ipfstat output earlier when I wasconfused about the 'nomatch' entries.)
However, if I boot with ipfilter disabled, or if I manually disableipfilter before attempting to access the nfs volume, it works fine.Problem occurs only when ipfilter is enabled.

What about if you disable ipnat and create /etc/ipf.conf with these twolines:

pass out all
pass in all

Darren

References:
- Re: ipf/ipnat behavior
  - From: Darren Reed
- Re: ipf/ipnat behavior
  - From: Paul Goyette
- Re: ipf/ipnat behavior
  - From: Darren Reed
- Re: ipf/ipnat behavior
  - From: Paul Goyette
- Re: ipf/ipnat behavior
  - From: Darren Reed
- Re: ipf/ipnat behavior
  - From: Paul Goyette
- Re: ipf/ipnat behavior
  - From: Paul Goyette
- Re: ipf/ipnat behavior
  - From: Darren Reed
- Re: ipf/ipnat behavior
  - From: Paul Goyette

Prev by Date: Re: ipf/ipnat behavior
Next by Date: Re: ipf/ipnat behavior
Previous by Thread: Re: ipf/ipnat behavior
Next by Thread: Re: ipf/ipnat behavior
Indexes:

Home | Main Index | Thread Index | Old Index