Re: TCP and natd issues

From: Gary Allan <dragonfly@xxxxxxxxxxxxxxx>
Date: Fri, 24 Dec 2004 17:52:37 +0000


I've made progress tracing the cause of my natd issues. I tried following a suggestion of downloading historical kernels. Unfortunately they don't contain IPFW2 and my ipfw kernel module didn't always load cleanly against them. This problem did, however, give me another area to test. (Thanks Simon)

The natd problems only appear when using IPFW2 (IPFW2=yes in /etc/make.conf during a buildworld). When the kernel (and 2 userland binaries) are compiled to use IPFW everything works as expected.

I also did some more testing under IPFW2 by setting registry keys to change WinXP's TCP window size. It had absolutely no effect. TCP sessions from Firefox are still blocked and the telnet cmd utility is still unaffected. ("Telnet <google_webserver> 80" and "telnet <mymailserver> 25" work just fine.) I can't identify any distinguishing features between the two sessions.

This is with today's latest code.

Are there any future plans to make IPFW2 the default ipfw firewall?



