Approximately 90%-95% of file transfers during portupgrade result in the error message "No route to Host". If the file in question resides only on an ftp site, I disable the firewall in order to transfer the file in.

Yesterday, I resorted to commenting out the second of three IPNAT rules in my /etc/ipnat.rules file, modeled after the Handbook version in section, and was able to complete the upgrade. Not sure I would recommend this procedure, however... My rules follow:

 This rule will handle all the traffic for the internal LAN:
 map tun0 -> 0/32 proxy port 21 ftp/tcp

 This rule handles the FTP traffic from the gateway:
 map tun0 -> 0/32 proxy port 21 ftp/tcp

 This rule handles all non-FTP traffic from the internal LAN:
 map tun0 -> 0/32

If I was reading Ethereal correctly, packets/data returning from the ftp site made it to the gateway, but couldn't make it to the host. The message was something like "Host unreachable".

Admittedly, I have little knowledge or expertise in this matter and would appreciate your suggestions to help resolve this issue. Do my rules follow protocol? Are they accurate?

I built my IPF Firewall using the Handbook and reviewed most, if not all, of the recommended websites for more assistance and understanding.


freebsd-questions@freebsd.org mailing list