[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    OpenBSD & ipnat problems
From:       Lucas Nussbaum <lucas () sicfa ! org>
Date:       2001-03-31 10:51:37
[Download RAW message or body]

Hello,

I've got several problems with OpenBSD 2.8-current and ipfilter's NAT.
1/
with the following rules in /etc/ipnat.rules :
map rl0 192.168.0.0/24 -> 0/32 proxy port ftp ftp/ftp
map rl0 192.168.0.0/24 -> 0/32 portmap tcp/udp 10000:60000
map rl0 192.168.0.0/24 -> 0/32

# ipnat -CF -f /etc/ipnat.rules
2 entries flushed from NAT table
2 entries flushed from NAT list
8: unknown service "ftp".
8: syntax error in "map"

but i've added 21/udp for ftp to /etc/services as described in another post
to that mailing list :
# cat /etc/services |grep ftp
ftp-data        20/udp          # default ftp data port
ftp-data        20/tcp          # default ftp data port
ftp             21/udp
ftp             21/tcp

Any ideas ?

2/
To solve the first problem, I replaced ftp by 21 in the rules :
map rl0 192.168.0.0/24 -> 0/32 proxy port 21 ftp/ftp
map rl0 192.168.0.0/24 -> 0/32 portmap tcp/udp 10000:60000
map rl0 192.168.0.0/24 -> 0/32

# ipnat -CF -f /etc/ipnat.rules
2 entries flushed from NAT table
2 entries flushed from NAT list
8:ioctl(SIOCADNAT): No such file or directory

ipfilter seems to be running, as asked in the answer for someone who had the
same problem :
# ipf -E
IP FIlter: already initialized

My ipf.rules file :
pass in from any to any
pass out from any to any
so the problem shouldn't come from there ...

Any ideas ?

Lucas

[prev in list] [next in list] [prev in thread] [next in thread]