[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: kern/38773: ipf/ipnat broken in 4.99.63
The following reply was made to PR kern/38773; it has been noted by GNATS.
From: Manuel Bouyer <bouyer%antioche.eu.org@localhost>
Cc: kern-bug-people%NetBSD.org@localhost, gnats-admin%NetBSD.org@localhost,
Subject: Re: kern/38773: ipf/ipnat broken in 4.99.63
Date: Wed, 28 May 2008 21:18:33 +0200
On Wed, May 28, 2008 at 12:15:00AM +0000, paul%whooppee.com@localhost wrote:
> The recent import of ipf appears broken.
> With no ipf rules defined, but with ipnat enabled, I am unable to ssh from
> another machine into the 4.99.63 box. SSH -d shows that the TCP session is
> established, but fails during the key exchange. I can open an ftp session
> but unable to perform an ls. ICMP pings are properly responded to. NFS
> mounts of remote file systems also work, but any attempt to to a 'df' or to
> otherwise access the mounted directory fails.
> I'm suspecting a problem with packet size, but am unable to confirm. I have
> had to revert this machine back to 4.99.62 (from May 14th) since I cannot
> disable ipnat (my VoIP gateway needs an IP address).
FWIW, my home gateway is running 4.99.63 with the new ipfilter and it's
no worse than the ipfilter that was in 4.99.62 (it's even sightly better).
I can reach it via ssh, ftp or http without troubles.
I'm also using ipf+ipnat.
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
NetBSD: 26 ans d'experience feront toujours la difference
Main Index |
Thread Index |