Hi all,
I'm having problems with NAT on ipfilter 3.4.31 under Solaris 8 on a Sparc 5.
The machine has two network interfaces, le0 and le1, and is running Sun's ppp over ethernet software through le1. The private network's address space is 192.168.1.x and le0's address is 192.168.1.1.
The software compiled with no problems and seems to have installed perfectly. My NAT rules are as follows:
#!/sbin/ipnat -f -
map sppp0 192.168.1.1/24 -> 0/32 proxy port ftp ftp/tcp
map sppp0 192.168.1.1/24 -> 0/32 portmap tcp/udp 40000:60000
map sppp0 192.168.1.1/24 -> 0/32
Pretty simple.
The problem is as follows:
I have a Macintosh running MacOS 8.6 in my private network (192.168.1.2) whose default router is 192.168.1.1 (le0 on the Sun). So far, so good.
Using http, some sites load on the Mac with no problems at all and others will not. Still other sites will partially load and then time out. It seems (from snooping le0) that my ISP's name server(s) answer(s) the NATed request from the Mac and some traffic is transferred correctly but things seem to stop for no discernable reason.
I can see the "broken" sites from the Sun itself using Lynx with no problems whatsoever. I have also configured the firewall to allow all packets in and out to eliminate that as a cause of the problem. The MTU on sppp0 is also set appropriately for my ISP so I doubt that that's a problem, especially considering that access from that machine seems to be just fine.
Any clues?
If not, can anyone tell me how to get NAT to log? I've tried putting "log" at various places in the lines of ipnat.conf but ipfilter either gives an error for that line or warns that the junk at the end of the line has been ignored.
I'm probably making some kind of elementary mistake so any help would be appreciated.
Thanks in advance,
Jonathan.
"I am Dyslexic of Borg, Your Ass will be Laminated"
