NAT randomly stops working



  • I got some sort of strange things happening with pgSense.
    There's a LAN network connected to internet through NAT on pfsense. Sometimes some host could stop accessing (http or icmp) web-site, as others can access it at the same time. It happens to different hosts.
    When I look at Queries I don't see any drops. Same with the interfaces - all is ok.
    Please help me with this issue!



  • Waht packages have you instaled?
    what can you see in system logs?



  • pkg_info

    arc-5.21o_1        Create & extract files from DOS .ARC files
    arj-3.10.22_1      Open-source ARJ
    bandwidthd-2.0.1_1  Tracks bandwidth usage by IP address
    clamav-0.95.1      Command line virus scanner written entirely in C
    db41-4.1.25_4      The Berkeley DB package, revision 4.1
    gamin-0.1.10_1      A file and directory monitoring system
    gd-2.0.35,1        A graphics library for fast creation of images
    gdbm-1.8.3_3        The GNU database manager
    gettext-0.17_1      GNU gettext package
    gio-fam-backend-2.20.1 FAM backend for GLib's GIO library
    glib-2.20.1        Some useful routines of C programming (current stable versi
    havp-0.90          HTTP Antivirus Proxy
    jpeg-6b_4          IJG's jpeg compression utilities
    lha-1.14i_6        Archive files using LZSS and Huffman compression (.lzh file
    libiconv-1.11_1    A character set conversion library
    libslang2-2.1.4_1  Routines for rapid alpha-numeric terminal applications deve
    libusb-0.1.12_2    Library giving userland programs access to USB devices
    lightsquid-1.7.1_1  A light and fast web based squid proxy traffic analyser
    lzo2-2.03_2        Portable speedy, lossless data compression library
    mbmon-205_4        A tty motherboard monitor for LM78/79, W8378x, AS99127F, VT
    mc-4.6.2            Midnight Commander, a free Norton Commander Clone
    mysql-client-5.1.44_1 Multithreaded SQL database (client)
    neon26-0.26.4_1    An HTTP and WebDAV client library for Unix systems
    net-snmp-5.4.1.2    An extendable SNMP implementation
    ntop-3.3.8          Network monitoring tool with command line and web interface
    nut-2.2.2          Network UPS Tools
    openldap-client-2.4.10 Open source LDAP client implementation
    openvpn-2.0.6_9    Secure IP/Ethernet tunnel daemon
    p5-GD-2.39          A perl5 interface to Gd Graphics Library version2
    pcre-7.9            Perl Compatible Regular Expressions library
    pcre-8.00          Perl Compatible Regular Expressions library
    perl-5.10.1        Practical Extraction and Report Language
    perl-5.8.8_1        Practical Extraction and Report Language
    pkg-config-0.23_1  A utility to retrieve information about installed libraries
    png-1.2.35          Library for manipulating PNG images
    python25-2.5.4_1    An interpreted object-oriented programming language
    rate-0.9            A traffic analysis command-line utility
    snort-2.8.5.3      Lightweight network intrusion detection system
    squid-2.7.7        HTTP Caching Proxy
    squidGuard-1.3_1    A fast redirector for squid
    squid_radius_auth-1.10 RADIUS authenticator for squid proxy 2.5 and later
    unzoo-4.4_2        A zoo archive extractor

    Nothing special at the logs, mostly ntop messages.
    I tried tcpdump and figured out that all packets are going correctly. Seems like NAT doesn not send/recieve all packets to clients…


Log in to reply