From owner-freebsd-net  Wed Dec  5  4:54:19 2001
Delivered-To: freebsd-net@freebsd.org
Received: from c7.campus.utcluj.ro (c7.campus.utcluj.ro [193.226.6.226])
	by hub.freebsd.org (Postfix) with SMTP id 0DFE137B41D
	for <freebsd-net@FreeBSD.ORG>; Wed,  5 Dec 2001 04:53:11 -0800 (PST)
Received: (qmail 11107 invoked by uid 1008); 5 Dec 2001 12:53:19 -0000
Date: Wed, 5 Dec 2001 14:53:19 +0200
From: veedee@c7.campus.utcluj.ro
To: "Crist J . Clark" <cjc@FreeBSD.ORG>
Cc: freebsd-net@FreeBSD.ORG
Subject: Re: ipnat
Message-ID: <20011205145319.A11038@c7.campus.utcluj.ro>
References: <20011204210510.A1833@c7.campus.utcluj.ro> <20011205034016.G40864@blossom.cjclark.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20011205034016.G40864@blossom.cjclark.org>; from cjc@FreeBSD.ORG on Wed, Dec 05, 2001 at 03:40:16AM -0800
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-net.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-net>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-net>
X-Loop: FreeBSD.org

On Wed, Dec 05, 2001 at 03:40:16AM -0800, Crist J . Clark wrote:
> [This would be better on the -questions list or IPFilter list.]
Sorry to be a pain in the ass, but is there a freebsd-ipfilter? haven't
found any at
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/eresources.html

Or you meant another ipfilter list? :-/

> On Tue, Dec 04, 2001 at 09:05:10PM +0200, veedee@c7.campus.utcluj.ro wrote:
> [snip]
> 
> > -- ipnat.rules --
> > map xl0 172.27.0.0/23 -> x.x.x.x/32 proxy port ftp ftp/tcp
> > map xl0 from 172.27.0.0/23 to any -> x.x.x.x/32
> > -- eof --
> 
> Try,
> 
>   map xl0 172.27.0.0/23 -> x.x.x.x/32 proxy port ftp ftp/tcp
>   map xl0 172.27.0.0/23 -> x.x.x.x/32 portmap tcp/udp auto 
>   map xl0 172.27.0.0/23 -> x.x.x.x/32
>
Doesn't work... Arjaan sugested 0/0 which solved my problem. Anyway, I was
wondering who is in charge of ipfilter for freebsd. I grep-ed the man pages,
but there was no reference what so ever to 0/0.
Here's the new rule list, for those who had/have/will have this problem:
-- ipnat.rules --
# Don't NAT for 172.27.40.0
map xl0 from 172.27.0.0/23 to 172.27.40.0/23 -> 0/0 proxy port ftp ftp/tcp
map xl0 from 172.27.0.0/23 to 172.27.40.0/23 -> 0/0
# NAT everything else
map xl0 from 172.27.0.0/23 to any -> x.x.x.x/32 proxy port ftp ftp/tcp
map xl0 from 172.27.0.0/23 to any -> x.x.x.x/32
-- eof --

Thank you for your time,
veedee.

> -- 
> Crist J. Clark                     |     cjclark@alum.mit.edu
>                                    |     cjclark@jhu.edu
> http://people.freebsd.org/~cjc/    |     cjc@freebsd.org
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-net" in the body of the message

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message