From owner-freebsd-questions@FreeBSD.ORG Wed Mar 19 20:22:00 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5C4D6106564A for ; Wed, 19 Mar 2008 20:22:00 +0000 (UTC) (envelope-from ccowart@rescomp.berkeley.edu) Received: from hal.rescomp.berkeley.edu (hal.Rescomp.Berkeley.EDU [169.229.70.150]) by mx1.freebsd.org (Postfix) with ESMTP id 415108FC17 for ; Wed, 19 Mar 2008 20:22:00 +0000 (UTC) (envelope-from ccowart@rescomp.berkeley.edu) Received: by hal.rescomp.berkeley.edu (Postfix, from userid 1225) id B52703C04C1; Wed, 19 Mar 2008 13:21:59 -0700 (PDT) Date: Wed, 19 Mar 2008 13:21:59 -0700 From: Christopher Cowart To: Josh Paetzel Message-ID: <20080319202159.GI39509@hal.rescomp.berkeley.edu> Mail-Followup-To: Josh Paetzel , freebsd-questions@freebsd.org, Robert Huff References: <18401.29043.824662.173177@jerusalem.litteratus.org> <200803191516.59344.josh@tcbug.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="cf0hFtnykp6aONGL" Content-Disposition: inline In-Reply-To: <200803191516.59344.josh@tcbug.org> Organization: RSSP-IT, UC Berkeley User-Agent: Mutt/1.5.16 (2007-06-09) Cc: Robert Huff , freebsd-questions@freebsd.org Subject: Re: confusion configuring NAT X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2008 20:22:00 -0000 --cf0hFtnykp6aONGL Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Josh Paetzel wrote: > I don't see much in the man page for ipfw concerning nat, certainly not t= he=20 > rules you are specifying. Try man natd =20 NAT support was added to ipfw with the 7.0 release. You don't need to run natd if you're using ipfw nat. Robert Huff wrote: > ipfw nat 10 config log ip 10.0.0.0/8 You should disable natd. Try the following command to configure the nat rule: # ipfw nat 10 config if $OIF log reset --=20 Chris Cowart Network Technical Lead Network & Infrastructure Services, RSSP-IT UC Berkeley --cf0hFtnykp6aONGL Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) iQIVAwUBR+F15yPHEDszU3zYAQK+XhAAvreTpobrD4jR5o0WAax0VyxCLTp/txNu Sj9ft0L0fH07utuFe6DUpgGM2y5yxvl5zEsHQvXqGGvnaCJ9qD0h/kdugzv1dTg3 l99qYPr1xUc3SXSo6D2a8QkvDnWy6ey0b1SR5InPGzVsQtfMYFCixR1s8WU3fiYz mKgAJtUCrgs5JjERho5lTk6lnnvlL3A2fpHYwckx5LvVRvsBmOy6hkAvTEJDcE12 10zQyWylouhzgTYnUcBnbAmttKyE/desZBv4vKuc7MDg7mJoTe8EJP9JcUJrumeK 5mQYh2kfHUzY2WL4Xtex1e4fWdjp3xMGrFgbx77L9IBU9n84H+ku52yWpp5Vrdo3 r5Pt8BAs579aZiTYJ7oXC34j9dJlGWTfB1Ra1c++XQ0b/ktyW0w0BZz3ChqZZfbL HMKXINl3ekCsJbcklD4l8vVLrEqmXM2/bcZNqt50wDI6B+jhWX4qDsoJnxI0+djJ pxP60OKpscxSPnQ14xN6AJQMKcr1+syS5+BOIll6MNk39vmn9NmqjZTHFL2cZw5w 1iXZswRKhlAamCY4zppbQaY9ncv4EyIYr/fnFxBm/AFhON/1Jt9SKTfivijUrol9 kuJegfRWMEDmVV2iZmFl9RSkoomqy8cHNdMDNJV1AEAfbomxzNzVv+Vdj89E1CAd tQT9ulrW5BQ= =Bze0 -----END PGP SIGNATURE----- --cf0hFtnykp6aONGL--