*BSD News Article 94240


Return to BSD News archive

Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!news.mel.connect.com.au!munnari.OZ.AU!news.ecn.uoknor.edu!feed1.news.erols.com!cpk-news-hub1.bbnplanet.com!news.bbnplanet.com!rill.news.pipex.net!pipex!tank.news.pipex.net!pipex!news.utell.co.uk!usenet
From: brian@shift.utell.net (Brian Somers)
Newsgroups: comp.unix.bsd.freebsd.misc
Subject: Re: natd + telnet = system crash
Date: 23 Apr 1997 13:33:42 GMT
Organization: Awfulhak Ltd.
Lines: 84
Message-ID: <5jl33m$4vn@ui-gate.utell.co.uk>
References: <RHUFF.97Apr18221526@shell1.cybercom.net>
    <5jg7he$gvb@ui-gate.utell.co.uk>
Reply-To: brian@awfulhak.org, brian@utell.co.uk
NNTP-Posting-Host: shift.utell.net
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Newsreader: knews 0.9.8
Cc: rhuff@shell1.cybercom.net
Xref: euryale.cc.adfa.oz.au comp.unix.bsd.freebsd.misc:39589


In article <5jg7he$gvb@ui-gate.utell.co.uk>,
	brian@shift.utell.net (Brian Somers) writes:
> In article <RHUFF.97Apr18221526@shell1.cybercom.net>,
> 	rhuff@shell1.cybercom.net (Robert Huff) writes:
[.....]

I'm posting this to usenet as well as sending to
rhuff@shell1.cybercom.net.  I've tried to send to
Robert Huff <huff@compostella.cybercom.net> and
Robert Huff <huff@cybercom.net> (made up by me) with
no success.

> 
> Hello:
> 
> >    Can you try the following:
> >    1. Get the latest version of natd (version 1.4, released today)
> 
> 	Retrieved ver 1.4, installed according to README file and
> man page.  (Which have significant differences, by the way.)

It's now a port too :)

> 
> >    2. Use the -p option rather than -i and -o.
> 
> 	Done.  Still crashes, and about at the same place.  (Copy of
> screen report available on request.)
> 	One collateral problem: the docs say you can add a line to
> /etc/services specifying the NATD port, and IPFW will use this at
> the correct times.  Doesn't work - I had to specify the port
> explicitly by number.

It works for me, but I'm only expecting to not have to specify -p.
I havn't tested the the ipfw suggestion.  Are you already using
port 6668 for something else ?  My entry is

natd		6668/divert # Network address translation socket

Maybe it's a -current thing.  Try "6668/tcp" instead of "6668/divert".
Or is it just that ipfw doesn't grok names instead of numbers ?  If this
is the case, I'll submit a doc change to Ari (the author) - oops :O

> 
> >    3. Try using ppp rather than pppd.
> 
> 	a) Tried PPP (no "-alias") without NATD.  PPP comes up
> successfully ... but now telnet and ftp both hang after the
> "password:" phase.  HTTP is fine.  No crash.
> 	b) Tried PPP (no "-alias") with NATD.  This is working
> ... so far.  I'm going to install and use this, but I still want
> to get NATD working with pppd.  (I've found pppd to be _much_
> more robust than ppp.)  Does this now get reported to the author
> and left for them to solve?

I'm responsible for ppp (and recently, pppd too).   ppp has become
a lot more reliable recently :)  There are even more niceties in
- -current (I'll merge them into the next 2.2 release if they prove
stable).

> >    4. Try using "ppp -alias" without natd.
> 
> 	Same as 3(a) above, plus masquerading function works.
> 
> 
> 				Robert Huff
> 

So,
    pppd+natd      = panic
    ppp            = hang
    ppp+natd       = ok
    ppp -alias     = hang

This is strange.  I'm assuming that pppd on its own works.  Can you
try telnet/ftp'ing to other machines ?  Does this happen for all machines
that you telnet/ftp to ?

Regarding the "hang", are you sure that your DNS resolves both sides
ok ?  How long have you left the "hang" before giving up ?
- -- 
Brian <brian@awfulhak.org>, <brian@freebsd.org>
      <http://www.awfulhak.org>
Don't _EVER_ lose your sense of humour....