Subject: Re: Kernel Panic caused by IPnat
To: NetBSD-Alpha Mailinglist <email@example.com>
From: Andrew Garman <firstname.lastname@example.org>
Date: 09/20/2000 16:51:31
It's 1.4.2. The panic was because, I didn't turn on ipforwarding.
I'm running into different problems now. That the ipnat rules just
aren't working. They're inserted and show up with ipnat -l is run.
But they don't work.
I have pass in and pass out open for all:
pass in from any to any
pass out from any to any
I am back to running the GENERIC 1.4.2 kernel.
Also the ftp proxy rule doesn't read into the firewall at all. I'm
certain more than a few people are using Alpha NetBSD for a firewall.
Would anyone be willing to share rulesets, kernel compile configs
and other settings with me.
--- "Chris G. Demetriou" <email@example.com> wrote:
> Andrew Garman <firstname.lastname@example.org> writes:
> > Today, I just put in two additional 3c905B cards and was looking
> > forward to transitioning in the new system. Everything looked up
> > the ipfilter ruleset worked like a charm. Unfortunately, when I
> > tried to enable the minimal required ipnat ruleset, the system
> > panicked.
> > I swapped back in the Generic kernel as I trimmed mine down to less
> > than half the size. The panic still occurs. I did the same
> > the ipfilter rules in place. The panic still occurs.
> You've not told us what version of NetBSD you're using. That's
> important information.
> (It's also important that your ipfilter-related userland bits closely
> match the vintage of your kernel. i.e. if you're running a 1.4.2
> kernel, you _need_ to be using 1.4.2 ipfilter-related bits. 1.4.1 or
> 1.4 likely won't work. Ipfilter is ... not so good about backward
> compatiblity. *sigh*)
Do You Yahoo!?
Send instant messages & get email alerts with Yahoo! Messenger.