[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    IPNat - Duplicate IP Address
From:       Rafael Granha <granha () bancobva ! com ! br>
Date:       2002-03-27 15:58:14
[Download RAW message or body]

Hello,

I´m configuring IPNat on OpenBSD 2.8 GENERIC, with 2 interfaces: xl0
(external - 200.218.88.0/28) and xl1 (internal - 172.16.1.0/24).
When I connect from external network on the port 1414 of the firewall, I got
the error:
--
Mar 27 11:59:16 fw01 /bsd: duplicate IP address 200.218.88.44 sent from
ethernet address 00:e0:7d:a3:66:00
Mar 27 11:59:16 fw01 /bsd: duplicate IP address 200.218.88.44 sent from
ethernet address 00:e0:7d:a3:66:00
--

Only MAPs from internal network to external network are working fine.

There is some output:

# ipnat -l
List of active MAP/Redirect filters:
map xl0 172.16.1.0/24  -> 200.218.88.44/32  proxy port ftp ftp/tcp
map xl0 172.16.1.0/24  -> 200.218.88.44/32  portmap tcp/udp 10000:20000
map xl0 172.16.1.0/24  -> 200.218.88.44/32
rdr xl0 200.218.88.44/32 port 1414 -> 172.16.1.64 port 1414 tcp

List of active sessions:
MAP 172.16.1.56     1965  <- -> 200.218.88.44   10001 [200.218.66.201 1414]
MAP 172.16.1.56     1963  <- -> 200.218.88.44   10000 [200.218.66.9 1414]
# 

Mar 27 11:59:16 fw01 /bsd: duplicate IP address 200.218.88.44 sent from
ethernet address 00:e0:7d:a3:66:00
Mar 27 11:59:16 fw01 /bsd: duplicate IP address 200.218.88.44 sent from
ethernet address 00:e0:7d:a3:66:00

---ipnat.rules
# $OpenBSD: ipnat.rules,v 1.2 1999/05/08 16:33:10 jason Exp $
#
# map internal network to external interface
map xl0 172.16.1.0/24 -> xl0/32 proxy port ftp ftp/tcp
map xl0 172.16.1.0/24 -> xl0/32 portmap tcp/udp 10000:20000
map xl0 172.16.1.0/24 -> xl0/32

# redirect services from internal servers
rdr xl0 200.218.88.44/32 port 1414 -> 172.16.1.64 port 1414 tcp

Thanks...

Rafael Granha | Sistemas
granha@bancobva.com.br
Banco BVA S/A
(21) 2505-7777 - ramal 7828

[prev in list] [next in list] [prev in thread] [next in thread]