Date: Tue, 11 Oct 2005 15:54:21 +0400 From: Artemiev Igor <ai@bmc.brk.ru> To: "Travis H." <solinym@gmail.com> Cc: freebsd-pf@freebsd.org Subject: Re: NAT states Message-ID: <20051011155421.4e3b69cb.ai@bmc.brk.ru> In-Reply-To: <d4f1333a0510110337rd8ce894qd45b285c1715f9c3@mail.gmail.com> References: <20051011121205.4dfa7cf2.ai@bmc.brk.ru> <d4f1333a0510110336r71fae318w2d420a647a2e9c4b@mail.gmail.com> <d4f1333a0510110337rd8ce894qd45b285c1715f9c3@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 11 Oct 2005 05:37:48 -0500 "Travis H." <solinym@gmail.com> wrote: > Oh, also another thing; do you initialize table <locals> somewhere? > If it is empty, nothing will match NAT rule. NAT state didn`t match, i see it by pfctl -vs state and packet dropped. Consequently, nat is not working without an explicit rule for incoming traffic lan->internet on $lanif, and incoming internet->lan on $extif, in spite of created state and "pass" existing in nat rule. Why is that so? -- iprefetch ai
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051011155421.4e3b69cb.ai>