From owner-freebsd-ipfw Thu Aug 1 8:36:18 2002 Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 451F737B400 for ; Thu, 1 Aug 2002 08:36:15 -0700 (PDT) Received: from novaconnect.net (ns.novaconnect.net [205.150.191.170]) by mx1.FreeBSD.org (Postfix) with ESMTP id B02E143E6A for ; Thu, 1 Aug 2002 08:36:14 -0700 (PDT) (envelope-from mailing@novaconnect.net) Received: from [192.168.100.21] (account ) by novaconnect.net (CommuniGate Pro WebUser 3.5b5) with HTTP id 44848 for ; Thu, 01 Aug 2002 11:33:52 -0400 From: "Matt Abraham" Subject: "ipfw fwd" not working without static route? To: freebsd-ipfw@freebsd.org X-Mailer: CommuniGate Pro Web Mailer v.3.5b5 Date: Thu, 01 Aug 2002 11:33:52 -0400 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="ISO-8859-1" Content-Transfer-Encoding: 8bit Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I'm trying to forward all packets from a privately addressed machine (172.17.1.5) to a gateway via a FreeBSD box running ipfw. Here's the ipfw directive: fwd 192.168.215.15 log logamount 10000 ip from 172.17.1.5 to any Now when I ping public address a.b.c.d from 172.17.1.5, I get a "Destination Host Unreachable." When I try to ping this same address from the FreeBSD box, I get a "No route to host" message. Adding a static route, however, solves the problem: route add -net a.b.c.d 192.169.215.15 ...so now I can ping from both 172.17.1.5 and my FreeBSD firewall! Of course, having to add routes, sort of defeats the ipfw fwd command, doesn't it? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message