From: 62mkv <62mkv@mail.ru>
To: freebsd-ipfw@freebsd.org
Date: Tue, 3 May 2011 10:21:17 +0700
Message-ID: <1707514172.20110503102117@mail.ru>
List-Id: IPFW Technical Discussions
Subject: please help to solve problems with NATting (IPFW+NATD, FreeBSD 8.1)

Hello Freebsd-ipfw,

I have already spent around a week trying to solve this problem. Evidently I am missing something crucial for understanding.

I have a FreeBSD 8.1 box with 2 NICs, one for the LAN (192.168.0.0/24), another for the WAN (static global IP). The box itself operates quite well both on LAN and on WAN. According to the console output at startup, NATD starts up OK.
The rules script that I think SHOULD work fine for my needs misbehaves (at least for me): none of the applications on the LAN can get access to WAN sites, no ping, no web, nothing. But "ipfw show" displays only "allow" rule matches, as if everything is working.

It is then either a routing issue or NATD. How can I localize and solve the problem?

All (I hope so) relevant info is in the zip archive http://download81.files.mail.ru/P1TYGH/a1f6972cb51c1587b8bf9ec1d59144fb/IPFW.ZIP, please help!

Thanks a lot!

Best wishes,
62mkv
mailto: 62mkv@mail.ru