Subject: Re: Odd problem with ipnat and redirects...
To: None <gnn@nominum.com>
From: Darren Reed <avalon@caligula.anu.edu.au>
List: tech-net
Date: 03/30/2004 14:23:33
> rdr bge0 0.0.0.0/0 port domain -> 127.0.0.1 port domainproxy tcp
> rdr bge1 0.0.0.0/0 port domain -> 127.0.0.1 port domainproxy tcp
> 
> 	The ipnat is seeing the connection attempts:
> 
> # /usr/sbin/ipnat -l
> List of active MAP/Redirect filters:
> rdr bge0 0.0.0.0/0 port 53 -> 127.0.0.1 port 553 tcp
> rdr bge1 0.0.0.0/0 port 53 -> 127.0.0.1 port 553 tcp
> 
> List of active sessions:
> RDR 127.0.0.1       553   <- -> 140.174.164.2   53    [128.177.197.99 64940]
> RDR 127.0.0.1       553   <- -> 140.174.164.2   53    [128.177.197.99 64941]
> RDR 127.0.0.1       553   <- -> 140.174.164.2   53    [128.177.197.35 50994]
> RDR 127.0.0.1       553   <- -> 140.174.164.2   53    [128.177.197.35 50995]
> RDR 127.0.0.1       553   <- -> 140.174.164.2   53    [128.177.197.35 50996]
> 
> 	but the program, which is managed by inetd, is never started.
> 	A packet trace shows this:
> 
> 01:33:51.543687 128.177.197.99.64939 > 140.174.164.2.53: S 3061185575:3061185575(0) win 16384 <mss 1460,nop,wscale 0,nop,nop,timestamp 0 0>
> 01:33:51.547568 127.0.0.1.553 > 128.177.197.99.64939: S 1729469350:1729469350(0) ack 3061185576 win 16384 <mss 1460,nop,wscale 0,nop,nop,timestamp 0 0>
> 01:33:54.545922 127.0.0.1.553 > 128.177.197.99.64939: S 1729469350:1729469350(0) ack 3061185576 win 16384 <mss 1460,nop,wscale 0,nop,nop,timestamp 6 0>
> 
> 	And the routes are like this:
> 
> default            128.177.197.13     UGS         2     3019      -  bge0
> 81.200.64.181      128.177.197.14     UGHD        1       69      -  bge0
> 127                127.0.0.1          UGRS        0        0  33220  lo0
> 127.0.0.1          127.0.0.1          UH          1      218  33220  lo0
> 128.177.197/28     link#1             UC          4        0      -  bge0
> 128.177.197.64/28  link#2             UC          2        0      -  bge1
> 
> 	Any thoughts?  I scoured google to no avail, and have yet to
> 	try to read through the filter hook code.

128.17.197.99 only matches the default route.  That is to say the packets
are coming in on bge1 but going out bge0.

Are you sure the netmasks for bge0 & bge1 are correct?
Should they be /26?

Darren
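The routing argument in the reply can be checked mechanically. The following Python script is an added illustration and is not part of the thread or of IPFilter; it transcribes the two connected routes and the default route from the netstat output above into a tiny longest-prefix-match lookup, and compares which interface a SYN-ACK to each client would leave through against the interface the client's SYN arrived on. The ingress interface per client is an assumption taken from the reply (128.177.197.99 arriving on bge1); the /26 table is a hypothetical version of the same routes with the masks Darren asks about.

```python
import ipaddress

# Routes transcribed from the netstat output quoted in the thread: /28 masks.
ROUTES_28 = [
    ("0.0.0.0/0", "bge0"),            # default via 128.177.197.13
    ("81.200.64.181/32", "bge0"),
    ("127.0.0.0/8", "lo0"),
    ("127.0.0.1/32", "lo0"),
    ("128.177.197.0/28", "bge0"),     # hosts .0 - .15
    ("128.177.197.64/28", "bge1"),    # hosts .64 - .79
]

# Hypothetical table: same routes with the /26 masks suggested in the reply.
ROUTES_26 = [
    ("0.0.0.0/0", "bge0"),
    ("81.200.64.181/32", "bge0"),
    ("127.0.0.0/8", "lo0"),
    ("127.0.0.1/32", "lo0"),
    ("128.177.197.0/26", "bge0"),     # hosts .0 - .63
    ("128.177.197.64/26", "bge1"),    # hosts .64 - .127
]

# Client addresses from the ipnat -l session list, paired with the interface
# their SYN is assumed to have arrived on (assumption based on the reply, which
# says traffic from 128.177.197.99 comes in on bge1; .35 is assumed to be on
# the bge0 segment).
SESSIONS = [
    ("128.177.197.99", "bge1"),
    ("128.177.197.35", "bge0"),
]


def lookup(routes, dst):
    """Longest-prefix match over (prefix, interface) pairs.

    Returns (matching prefix as a string, interface name).
    """
    addr = ipaddress.ip_address(dst)
    best_net, best_if = None, None
    for prefix, ifname in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best_net is None or net.prefixlen > best_net.prefixlen):
            best_net, best_if = net, ifname
    return str(best_net), best_if


def asymmetric_sessions(routes, sessions):
    """Return the clients whose reply would leave on a different interface
    than the one their request arrived on.

    For an rdr rule bound to an interface, that mismatch means the return
    packet does not pass back through the NAT state on the ingress interface,
    which matches the trace above where a SYN-ACK leaves with source 127.0.0.1.
    """
    bad = []
    for client, ingress_if in sessions:
        _, egress_if = lookup(routes, client)
        if egress_if != ingress_if:
            bad.append((client, ingress_if, egress_if))
    return bad


if __name__ == "__main__":
    for name, table in (("/28 masks (as configured)", ROUTES_28),
                        ("/26 masks (suggested)", ROUTES_26)):
        print(name)
        for client, _ in SESSIONS:
            prefix, ifname = lookup(table, client)
            print(f"  {client:16} -> {prefix:20} via {ifname}")
        print("  asymmetric:", asymmetric_sessions(table, SESSIONS))
```

With the /28 masks both clients fall through to the default route on bge0, so a reply to the client that arrived on bge1 leaves on the wrong interface; with /26 masks each client matches its own connected route and the reply goes back out the interface the request came in on.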