[This belongs on -questions, I've cced] On Thursday 04 October 2001 08:31, Robin P. Blanchard wrote: > every now and then in my ipflog i see that ipfilter has blocked packets > from the internet destined for machines on my internal network: > > 01/10/2001 19:30:54.722906 3x dc0 @0:23 b 207.68.131.21,80 -> > 192.168.0.126,1045 PR tcp len 20 1500 -A IN > 01/10/2001 19:40:50.351123 dc0 @0:23 b 207.46.106.81,80 -> > 192.168.0.126,1033 PR tcp len 20 1500 -A IN > 02/10/2001 17:43:47.320547 50x dc0 @0:23 b 128.192.37.79,20 -> > 192.168.0.126,1148 PR tcp len 20 1500 -A IN > > > my question is: how is it that my internal IPs are getting to these > hosts in the first place? shouldn't ipnat have taken care of that on the > way out?
They probably aren't. Do a traceroute to some well-known sites (such as yahoo). Chances are that your ISP is using RFC-1918 addys on their internal routing. Stupid idea, but it's become commonplace to do it. IPv6 needs to come into use soon. This internet thing is such a mess that it amazes me that it works at all! -- Bill Moran Potential Technology technical services (412) 793-4257 To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message