Date: Wed, 25 Dec 2002 17:13:23 -0500 (EST) From: Marco Radzinschi <marco@radzinschi.com> To: Adam Lofstedt <lofty_2@yahoo.com> Cc: Fernando Gleiser <fgleiser@cactus.fi.uba.ar>, <freebsd-questions@FreeBSD.ORG> Subject: Re: Can't route past gateway Message-ID: <20021225171214.T35858-100000@radzinschi.com> In-Reply-To: <20021225200959.55135.qmail@web12208.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 25 Dec 2002, Adam Lofstedt wrote:
> > yes, your message was posted. keppt it easy, it's a
> > world-wide holiday,
> > so the answers can take while. :)
> >
> Thanks... Sorry about this. I didn't mean to make it
> seem hysterical or anything.
>
> > >
> > > I have a freeBSD machine with two NICS that I am
> > using
> > > as a NAT gateway. No matter what I do, clients on
> > my
> > > LAN can't get past the gateway. They can ping
> > both
> > > the interal and external interfaces of the
> > gateway,
> > > but can't get outside.
> >
> > Either NAT is not working or the filter are blocking
> > the packets. try doing an
> > 'ipnat -l' and post the output. If the rules are
> > loaded, drop the
> > filters ('ipf -Fa') and try again from one client.
> >
> #ipnat -l
> List of active MAP/redirect filters:
> map x10 192.168.1.0/24 -> 0.0.0.0/32 portmap tcp/udp
> 40000:60000
> map x10 192.168.1.0/24 -> 0.0.0.0/32
>
> List of active sessions:
>
> I've tried ipf -Fa, but no luck yet.
>
> Thanks and happy holidays.
>
> Adam Lofstedt
Have you issued an "ipf -y" command to synchronize IPFilter's address with
the 0/32 rule?
Marco Radzinschi
E-Mail: marco@radzinschi.com
Wed Dec 25 17:12:14 EST 2002
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021225171214.T35858-100000>