From owner-freebsd-ipfw Wed Aug 9 14:34:54 2000 Delivered-To: freebsd-ipfw@freebsd.org Received: from rapidnet.com (rapidnet.com [205.164.216.1]) by hub.freebsd.org (Postfix) with ESMTP id 6D61037B62B for ; Wed, 9 Aug 2000 14:34:51 -0700 (PDT) (envelope-from nick@rapidnet.com) Received: from localhost (nick@localhost) by rapidnet.com (8.9.3/8.9.3) with ESMTP id PAA78384; Wed, 9 Aug 2000 15:34:02 -0600 (MDT) Date: Wed, 9 Aug 2000 15:34:02 -0600 (MDT) From: Nick Rogness To: TeRrAc Cc: FreeBSD IPFW list Subject: Re: natd + IPFW In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, 9 Aug 2000, TeRrAc wrote: > I am sorry. Yes I had done this, however in composing the mail I copied > straight fromteh natd man page. > > If I were to build a custom rc.firewall script to do this job would it > need more than: > --- > flush > divert natd all from any to any via fxp1 > allow ip from any to any > allow icmp from any to any > --- Is natd running? # ps -auxww |grep natd|grep -v grep What does your firewall rules look like? # ipfw -a l > ? > Also, would forwarding keep packets from getting routed back to the > source? Or are they possibly getting stopped before they reach their > destination? No, unless you are using forwarding within the firewall. > > On Wed, 9 Aug 2000, Nick Rogness wrote: > > > On Wed, 9 Aug 2000, TeRrAc wrote: > > > > > > > > I have also tried using the IPFW commands; > > > /sbin/ipfw -f flush > > > /sbin/ipfw add divert natd all from any to any via ed0 > > ^^^^^ > > Should be outside interface > > > > /sbin/ipfw add divert natd all from any to any via fxp1 > > > > Nick Rogness - Drive defensively. Buy a tank. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message