Re: ipfw nat problem
- Reply: Eugene Grosbein : "Re: ipfw nat problem"
- In reply to: Wojciech Puchar : "ipfw nat problem"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 25 Aug 2022 06:36:22 UTC
found a reason. forwarding was set to 0 in sysctl On Thu, 25 Aug 2022, Wojciech Puchar wrote: > i use ipfw nat redirect feature for a long time. never had problems until > now. > > my ipfw config > > queue flush > pipe flush > #define INTERNETIP 1.2.3.4 > #define INTERNET igb1 > nat 1 config ip 1.2.3.4 \ > redirect_port tcp 10.255.255.253:22 20023 \ > redirect_port tcp 10.255.255.254:22 20022 > // > table 1 flush > table 1 add 5.6.7.8 > > add 6 skipto 1000 all from any to any via INTERNET in > add 7 skipto 2000 all from any to any via INTERNET out > add 10 allow all from any to any > > > add 1000 deny all from table(1) to any > add 1001 deny tcp from any to me 3306 > add 1010 nat 1 all from any to me > add 1999 allow all from any to any > > add 2000 reject tcp from me to any 113 > add 2001 nat 1 all from 10.255.255.0/24 to any > add 2002 allow all from any to any > > > this is server with 2 jails - i want these 2 jails ssh server be available > from outside. > > And it is. I can log in do many thing for a long time interactively no > problems. > > But trying to transfer files like ssh -p 20023 loginname@server "tar cf - > something"|tar xpf - > > or scp > > it always disconnects after transfering about 100kB > > > in logs i see > > Aug 25 08:29:35 <4.6> 10.255.255.253 sshd[63621]: Fssh_packet_write_poll: > Connection from user blebleble 9.9.9.9 port 53899: Permission denied > > No other errors > > > i have no problems doing such operations on host directly over ssh. > > I do use ssh redirects using nat on many servers without problems. > What can i do to find a source of this problem? > >