From owner-freebsd-questions Sun Jun 18 1:58:23 2000 Delivered-To: freebsd-questions@freebsd.org Received: from merlin.prod.itd.earthlink.net (merlin.prod.itd.earthlink.net [207.217.120.156]) by hub.freebsd.org (Postfix) with ESMTP id E1B3D37B957 for ; Sun, 18 Jun 2000 01:58:19 -0700 (PDT) (envelope-from cjc@earthlink.net) Received: from dialin-client.earthlink.net (pool0315.cvx20-bradley.dialup.earthlink.net [209.179.251.60]) by merlin.prod.itd.earthlink.net (8.9.3-EL_1_3/8.9.3) with ESMTP id BAA25007; Sun, 18 Jun 2000 01:58:17 -0700 (PDT) Received: (from cjc@localhost) by dialin-client.earthlink.net (8.9.3/8.9.3) id BAA00317; Sun, 18 Jun 2000 01:56:52 -0700 (PDT) Date: Sun, 18 Jun 2000 01:56:21 -0700 From: "Crist J. Clark" To: James Long Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Novice troubles with natd Message-ID: <20000618015621.A278@dialin-client.earthlink.net> Reply-To: cjclark@alum.mit.edu References: <200006180428.VAA03979@ip216-26-45-224.dsl.du.teleport.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0.1i In-Reply-To: <200006180428.VAA03979@ip216-26-45-224.dsl.du.teleport.com>; from james@ip216-26-45-224.dsl.du.teleport.com on Sat, Jun 17, 2000 at 09:28:42PM -0700 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, Jun 17, 2000 at 09:28:42PM -0700, James Long wrote: > I am a FreeBSD novice who is trying to configure a P90 running 3.4-RELEASE > to act as a firewall between by DSL interface and a local network run here > at my home. [cut odd, but functional looking kernel config and good rc.conf] > 'custom' is a firewall type I have defined myself in rc.firewall. Actually, > my current firewall rules are: > > flush > add divert natd ip from 10.0.0.0/24 to any via fxp1 > add deny log ip from 10.0.0.2 to any > add allow ip from any to any > > My immediate problem is that natd doesn't seem to be remapping packet > addresses the way I thought it would. Or at all, for that matter. None of the returning packets ever go to natd(8). How could anything work? -- Crist J. Clark cjclark@alum.mit.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message