Date: Thu, 05 Aug 2010 07:23:58 +0100 From: Michael <mlmichael70@gmail.com> To: freebsd-ipfw@freebsd.org Subject: nat and dynamic external address Message-ID: <4C5A58FE.2050704@gmail.com>
next in thread | raw e-mail | index | archive | help
Hello. Am I right thinking that "if interface" and "reset" parameters should be enough to handle changing address (DHCP) on external interface? My rules: ipfw -q nat 1 config reset if $if_ext log same_ports ipfw -q add nat 1 udp from $jail_ip to $dns out xmit $if_ext jail $jail_jid ipfw -q add nat 1 udp from $dns to me in recv $if_ext They works fine only when $if_ext gets it's IP address during system boot-up. If DHCP server is unavailable at the time of rules loading then ipfw says: ipfw: cannot get interface name (The same happens without "SYNDHCP" option for ipfw in rc.conf) It loads all rules anyway. Now after DHCP becomes available and $ext_if gets it's IP address it turns out that NAT is still not working. I have to manually reload the same ruleset. Any ideas how to solve that problem? Michael
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4C5A58FE.2050704>