On Wednesday 15 October 2008 13:39:51 Daniel O'Connor wrote:
> On Wednesday 15 October 2008 13:08:02 Mike Tancsa wrote:
> > > very odd it only just started doing it though..
> >
> > do you have tun0 in () on your nat statement ?
> >
> > eg.
> > nat on tun0 from 192.168.23.0/24 to any -> (tun0)
>
> Yep.
>
> > You could always add to ppp.linkup something like
> >
> > pppoe:
> >  ! /sbin/pfctl -Fnat -f /etc/pf.conf
>
> Hmm.. I didn't realise you could delete NAT only state like that, I will
> give it a try!
>
> (I've been doing pfctl -k $oldip)
>
> Thanks.

I tried this but no luck.

I find that every second connect works, eg..
[midget 20:12] ~ >sudo pfctl -s state | grep 203.31.81.10
No ALTQ support in kernel
ALTQ related functions disabled
all tcp 203.31.81.10:22 <- 10.0.2.99:55188       ESTABLISHED:ESTABLISHED
all tcp 10.0.2.99:55188 -> 121.45.249.156:55188 -> 203.31.81.10:22       ESTABLISHED:ESTABLISHED
all tcp 203.31.81.10:22 <- 10.0.2.99:55190       CLOSED:SYN_SENT
all tcp 10.0.2.99:55190 -> 121.45.57.17:55190 -> 203.31.81.10:22       SYN_SENT:CLOSED
all tcp 203.31.81.10:22 <- 10.0.2.99:55194       FIN_WAIT_2:FIN_WAIT_2
all tcp 10.0.2.99:55194 -> 121.45.249.156:55194 -> 203.31.81.10:22       FIN_WAIT_2:FIN_WAIT_2

As you can see it mentions the old (121.45.57.17) and new (121.45.249.156)
IPs..

I have no idea where it is getting that IP from.. ifconfig & netstat don't
show it.

I've even tried /etc/rc.d/pf restart but that doesn't fix it..

It's very perplexing :(

-- 
Daniel O'Connor software and network engineer
for Genesis Software - http://www.gsoft.com.au
"The nice thing about standards is that there
are so many of them to choose from."
  -- Andrew Tanenbaum
GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C
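
An added example, not part of the original post: a small sh/awk filter for the condition visible in the state listing above, NAT states still translated to an address other than the one the external interface holds now. It assumes the three-address line layout seen in the quoted pfctl output and IPv4 only; the function names are hypothetical.

```sh
#!/bin/sh
# Added example: list pf NAT states whose translated (middle) address is not
# the address the external interface holds now.
# Assumes the three-address line shape shown in the post:
#   IFACE PROTO SRC -> NAT_ADDR:PORT -> DST STATE
# IPv4 only (the port is stripped at the last ':').

# stale_nat_states CURRENT_IP   (reads `pfctl -s state` output on stdin)
# Prints "NAT_IP SRC DST STATE" for each state translated to another address.
stale_nat_states() {
    awk -v cur="$1" '
        NF >= 8 && $4 == "->" && $6 == "->" {
            nat = $5
            sub(/:[0-9]+$/, "", nat)      # strip the port
            if (nat != cur)
                print nat, $3, $7, $8
        }'
}

# stale_nat_addrs CURRENT_IP: the distinct stale translation addresses.
stale_nat_addrs() {
    stale_nat_states "$1" | awk '{ print $1 }' | sort -u
}

# Constructed sample: the state lines quoted in the post.
sample_states() {
    cat <<'EOF'
No ALTQ support in kernel
ALTQ related functions disabled
all tcp 203.31.81.10:22 <- 10.0.2.99:55188       ESTABLISHED:ESTABLISHED
all tcp 10.0.2.99:55188 -> 121.45.249.156:55188 -> 203.31.81.10:22       ESTABLISHED:ESTABLISHED
all tcp 203.31.81.10:22 <- 10.0.2.99:55190       CLOSED:SYN_SENT
all tcp 10.0.2.99:55190 -> 121.45.57.17:55190 -> 203.31.81.10:22       SYN_SENT:CLOSED
all tcp 203.31.81.10:22 <- 10.0.2.99:55194       FIN_WAIT_2:FIN_WAIT_2
all tcp 10.0.2.99:55194 -> 121.45.249.156:55194 -> 203.31.81.10:22       FIN_WAIT_2:FIN_WAIT_2
EOF
}

# Live use (interface name tun0 is an assumption taken from the quoted nat rule):
#   cur=$(ifconfig tun0 | awk '$1 == "inet" { print $2; exit }')
#   pfctl -s state | stale_nat_states "$cur"
sample_states | stale_nat_states 121.45.249.156
```

Run from ppp.linkup or cron, a non-empty result means pf is still holding states for an address the link no longer has.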
