Date:      Sun, 18 Jul 2004 20:58:35 +0200
From:      bkhl@elektrubadur.se (Björn Lindström)
To:        freebsd-questions@freebsd.org
Subject:   Re: NAT trouble
Message-ID:  <s38ekn9xhus.fsf@numerus.ling.uu.se>
References:  <s38smbpxrov.fsf@numerus.ling.uu.se> <20040718124432.56a7b923.wmoran@potentialtech.com>

Bill Moran <wmoran@potentialtech.com> writes:

>> (Where tun0 is the interface of my ADSL connection.)
>
> Is tun0 the real interface?

No, the actual card is rl0:

rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet6 fe80::2e0:4cff:feb0:5d5b%rl0 prefixlen 64 scopeid 0x1 
        ether 00:e0:4c:b0:5d:5b
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1492
        inet 81.228.156.82 --> 81.228.156.1 netmask 0xffffffff 
        Opened by PID 53

Is it the actual NIC that should be put in $nat_interface?

> What happens if you start it manually?  Are there any entries in
> /var/log/messages to tell you why it didn't start automatically?
> Looking at the output at system startup, there should be some
> indication of why natd didn't start.

Nope. There's nothing helpful there that I can see. Only this seems
related:

Jul 18 17:13:36 calliope /kernel: IP packet filtering initialized, \
  divert enabled, rule-based forwarding enabled, default to deny, \
  logging limited to 10 packets/entry by default

...and that seems right.

> Are you saying that your internal machines _can_ get to the net when
> you delete that rule?  If so, then you don't need nat, and you need to
> reconsider your configuration.

I need NAT, because I need machines inside the LAN to serve certain
ports. (15000, as you can see from the line from natd.conf.)


