kern/73910: [ipfw] serious bug on forwarding of packets after
NAT
Achim Patzner
ap at bnc.net
Mon Nov 22 11:30:37 GMT 2004
The following reply was made to PR kern/73910; it has been noted by GNATS.
From: Achim Patzner <ap at bnc.net>
To: FreeBSD-gnats-submit at freebsd.org
Cc:
Subject: Re: kern/73910: [ipfw] serious bug on forwarding of packets after NAT
Date: Mon, 22 Nov 2004 12:22:14 +0100
(I guess someone should adjust his AV engine... My Mac is ROTFLing.)
glebius at bestcom.ru>: host relay.bestcom.ru[217.72.144.5] said: 550
5.7.1 Error
HD77: Virus Sobig found
Reporting-MTA: dns; mx2.freebsd.org
Arrival-Date: Mon, 22 Nov 2004 11:15:12 +0000 (GMT)
Final-Recipient: rfc822; glebius at bestcom.ru
Action: failed
Status: 5.0.0
Diagnostic-Code: X-Postfix; host relay.bestcom.ru[217.72.144.5] said:
550 5.7.1
Error HD77: Virus Sobig found
Von: Achim Patzner <ap at bnc.net>
Datum: 22. November 2004 12:15:00 MEZ
An: Gleb Smirnoff <glebius at freebsd.org>
Betreff: Re: kern/73910: [ipfw] serious bug on forwarding of packets
after NAT
> Can you show your kernel configuration, pls?
GENERIC + all IPFW-options.
Sorry, I can't get at the machine because it is deactivated but I used
a 5.3 GENERIC and added
options IPFIREWALL #firewall
options IPFIREWALL_VERBOSE #print information about
dropped packets
options IPFIREWALL_FORWARD #enable transparent proxy
support
options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by
default
options IPDIVERT #divert sockets
options IPSTEALTH #support for stealth forwarding
options IPSEC #IP security
options IPSEC_ESP #IP security (crypto; define
w/IPSEC)
options DUMMYNET
Achim
More information about the freebsd-ipfw
mailing list