Date: Thu, 8 May 2003 14:31:19 +0200 (SAST)
From: Wayne Swart
To: FreeBSD Mailing list
Message-ID: <20030508142730.V8587-100000@gemini.fixx.co.za>
Subject: ipfw + natd

Lo

I am running FreeBSD4.8-RELEASE and have a problem with ipfw and natd. The two interfaces (dc0 and dc1) have the following IP setup:

    dc1 ip: 10.10.10.1
    dc0 ip: 196.x.x.x

Now I can't do any requests through my box to "the outside" anymore, since I added a default to deny rule. I use the following ipfw rules for the NAT, but it does not seem to have any impact on the requests that have to go through it.

    ipfw add divert natd all from any to any via dc0 out keep-state
    ipfw add allow all from 10.10.10.0/24 to any via dc0 out keep-state
    ipfw add allow all from 10.10.10.0/24 to any via dc1 in keep-state

Is there an easier way to troubleshoot this? Any help is appreciated...

Wayne