From owner-freebsd-questions@FreeBSD.ORG Sat Sep 11 10:59:15 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 522DB16A4CE for ; Sat, 11 Sep 2004 10:59:15 +0000 (GMT) Received: from mta9.adelphia.net (mta9.adelphia.net [68.168.78.199]) by mx1.FreeBSD.org (Postfix) with ESMTP id DB18D43D5E for ; Sat, 11 Sep 2004 10:59:14 +0000 (GMT) (envelope-from Barbish3@adelphia.net) Received: from barbish ([67.20.101.71]) by mta9.adelphia.net (InterMail vM.6.01.03.02 201-2131-111-104-20040324) with SMTP id <20040911105914.XLLH2583.mta9.adelphia.net@barbish>; Sat, 11 Sep 2004 06:59:14 -0400 From: "JJB" To: "Denis Lemire" , Date: Sat, 11 Sep 2004 06:59:14 -0400 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0) In-Reply-To: <32e9a1d04091019577dc83b3d@mail.gmail.com> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409 Importance: Normal Subject: RE: NAT/DIVERT Issues in 5.2.1 Release X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Barbish3@adelphia.net List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Sep 2004 10:59:15 -0000 Your question is way to vague. You have to post your ipfw rules file and the contents of rc.conf for people to review before anybody can help you. First piece of advice is to not use the default firewall rules as its way outdated and does more to confuse a person than really work as an firewall rule set. Second you should read the complete rewrite of the handbook firewall section at www.a1poweruser.com/FBSD_firewall/ for details on configuring ipfw. -----Original Message----- From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Denis Lemire Sent: Friday, September 10, 2004 10:58 PM To: freebsd-questions@freebsd.org Subject: NAT/DIVERT Issues in 5.2.1 Release I've just completed a frustrating day of attempting to get nat working on 5.2.1 RELEASE. I've very familiar with using FreeBSD as a nat enabled Internet gateway, I have set this up on many machines with prior versions. I've compiled my kernel with the ip divert and firewall options needed. I have enabled the firewall and natd in my rc.conf, and have (for now) set firewall type to open and gateway_enable="yes". The setup simply won't work, the appropriate rules are in the firewall, and the natd daemon is running. The main thing I find that doesn't make sense is running "ipfw -a l" lists the divert rule but its values are zeroed out such that it has been used. Is there an issue with nat on 5.2.1-RELEASE? I've even tried compiling a kernel from cvsup (5.2.1-RELEASE-p9 I believe). Any suggestions on where I might have messed this up would be excellent. _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"