Re: Problems after IP change

2004-07-30 Thread Loren M. Lang
On Wed, Jul 28, 2004 at 03:48:17PM +, Daniela wrote: On Wednesday 28 July 2004 14:49, Steve Bertrand wrote: Also, post the relevant ``natd'' line entries in your /etc/natd.conf file. natd.conf doesn't exist. Do you mean rc.conf? Here it is: natd_interface=rl0 natd_enable=YES

Re: Problems after IP change

2004-07-28 Thread Steve Bertrand
Hi all! I recently got a new IP on my outside interface, and I replaced the old IP with the new one in my IPFW ruleset, and restarted natd. Now everything was alright until my network clients (on the inside interface) started complaining that they can't connect to remote servers. Ping still

Re: Problems after IP change

2004-07-28 Thread Daniela
On Wednesday 28 July 2004 14:03, Steve Bertrand wrote: Hi all! I recently got a new IP on my outside interface, and I replaced the old IP with the new one in my IPFW ruleset, and restarted natd. Now everything was alright until my network clients (on the inside interface) started

Re: Problems after IP change

2004-07-28 Thread Steve Bertrand
On Wednesday 28 July 2004 14:03, Steve Bertrand wrote: Hi all! I recently got a new IP on my outside interface, and I replaced the old IP with the new one in my IPFW ruleset, and restarted natd. Now everything was alright until my network clients (on the inside interface) started

RE: Problems after IP change

2004-07-28 Thread Hauan, David
-Original Message- From: Steve Bertrand [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 28, 2004 7:22 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: Problems after IP change On Wednesday 28 July 2004 14:03, Steve Bertrand wrote: Hi all! I recently got

Re: Problems after IP change

2004-07-28 Thread Daniela
On Wednesday 28 July 2004 14:21, Steve Bertrand wrote: Did you actually change the IP on the interface itself? If not: edit /etc/rc.conf and change the IP/Netmask, then: # /etc/netstart Yes, the IP was changed. I ran /etc/netstart, but it didn't help. As I said, ping works as

Re: Problems after IP change

2004-07-28 Thread Daniela
On Wednesday 28 July 2004 14:27, Hauan, David wrote: Did you actually change the IP on the interface itself? If not: edit /etc/rc.conf and change the IP/Netmask, then: # /etc/netstart Yes, the IP was changed. I ran /etc/netstart, but it didn't help. As I said, ping

Re: Problems after IP change

2004-07-28 Thread Steve Bertrand
Do you have an ``alias_address'' statement in your natd.conf file? I have no natd.conf file. At least I never touched it. But it always worked like a dream. BTW, natd is started with the command line natd -n rl0. Try shutting down natd and load it with: # natd -a x.x.x.x where x.x.x.x ==

Re: Problems after IP change

2004-07-28 Thread Steve Bertrand
On Wednesday 28 July 2004 14:21, Steve Bertrand wrote: Did you actually change the IP on the interface itself? If not: edit /etc/rc.conf and change the IP/Netmask, then: # /etc/netstart Yes, the IP was changed. I ran /etc/netstart, but it didn't help. As I said, ping works as

Re: Problems after IP change

2004-07-28 Thread Daniela
On Wednesday 28 July 2004 14:36, Steve Bertrand wrote: Do you have an ``alias_address'' statement in your natd.conf file? I have no natd.conf file. At least I never touched it. But it always worked like a dream. BTW, natd is started with the command line natd -n rl0. Try shutting down

Re: Problems after IP change

2004-07-28 Thread Steve Bertrand
On Wednesday 28 July 2004 14:36, Steve Bertrand wrote: Do you have an ``alias_address'' statement in your natd.conf file? I have no natd.conf file. At least I never touched it. But it always worked like a dream. BTW, natd is started with the command line natd -n rl0. Try shutting

Re: Problems after IP change

2004-07-28 Thread Daniela
On Wednesday 28 July 2004 14:38, Steve Bertrand wrote: Do you have an ``alias_address'' statement in your natd.conf file? I have no natd.conf file. At least I never touched it. But it always worked like a dream. BTW, natd is started with the command line natd -n rl0. Also, I forget if

Re: Problems after IP change

2004-07-28 Thread Daniela
On Wednesday 28 July 2004 14:49, Steve Bertrand wrote: Also, post the relevant ``natd'' line entries in your /etc/natd.conf file. natd.conf doesn't exist. Do you mean rc.conf? Here it is: natd_interface=rl0 natd_enable=YES But I didn't change anything here, and it always worked.

Re: Problems after IP change

2004-07-28 Thread Steve Bertrand
On Wednesday 28 July 2004 14:49, Steve Bertrand wrote: Also, post the relevant ``natd'' line entries in your /etc/natd.conf file. natd.conf doesn't exist. Do you mean rc.conf? Here it is: natd_interface=rl0 natd_enable=YES But I didn't change anything here, and it always worked.

Re: Problems after IP change

2004-07-28 Thread Daniela
On Wednesday 28 July 2004 15:06, Steve Bertrand wrote: On Wednesday 28 July 2004 14:49, Steve Bertrand wrote: Also, post the relevant ``natd'' line entries in your /etc/natd.conf file. natd.conf doesn't exist. Do you mean rc.conf? Here it is: natd_interface=rl0 natd_enable=YES

Re: Problems after IP change

2004-07-28 Thread Steve Bertrand
On Wednesday 28 July 2004 15:06, Steve Bertrand wrote: On Wednesday 28 July 2004 14:49, Steve Bertrand wrote: Also, post the relevant ``natd'' line entries in your /etc/natd.conf file. natd.conf doesn't exist. Do you mean rc.conf? Here it is: natd_interface=rl0

Re: Problems after IP change

2004-07-28 Thread Daniela
On Wednesday 28 July 2004 15:23, Steve Bertrand wrote: Yes, it works, but of course I can't leave this rule in all the time. The SYN/ACK packet that comes back from the remote server is denied by rule 01900. But it should be allowed by the check-state rule. Also, I know you haven't

Re: Problems after IP change

2004-07-28 Thread Steve Bertrand
On Wednesday 28 July 2004 15:23, Steve Bertrand wrote: Yes, it works, but of course I can't leave this rule in all the time. The SYN/ACK packet that comes back from the remote server is denied by rule 01900. But it should be allowed by the check-state rule. Also, I know you haven't

Re: Problems after IP change

2004-07-28 Thread Daniela
On Wednesday 28 July 2004 15:53, Steve Bertrand wrote: I figured so...what happens if you add 'keep-state' to rules 2, 20002 and 20003? Nothing. BTW, here we have the problem: The initial SYN packet isn't matched by rule 11700 (setup keep-state). Setup means the SYN flag is

Re: Problems after IP change

2004-07-28 Thread Steve Bertrand
On Wednesday 28 July 2004 15:53, Steve Bertrand wrote: I figured so...what happens if you add 'keep-state' to rules 2, 20002 and 20003? Nothing. BTW, here we have the problem: The initial SYN packet isn't matched by rule 11700 (setup keep-state). Setup means the SYN flag is

Re: Problems after IP change

2004-07-28 Thread Daniela
On Wednesday 28 July 2004 16:18, Steve Bertrand wrote: On Wednesday 28 July 2004 15:53, Steve Bertrand wrote: I figured so...what happens if you add 'keep-state' to rules 2, 20002 and 20003? Nothing. BTW, here we have the problem: The initial SYN packet isn't matched by

Re: Problems after IP change

2004-07-28 Thread Steve Bertrand
On Wednesday 28 July 2004 16:18, Steve Bertrand wrote: On Wednesday 28 July 2004 15:53, Steve Bertrand wrote: I figured so...what happens if you add 'keep-state' to rules 2, 20002 and 20003? Nothing. BTW, here we have the problem: The initial SYN packet isn't matched by