From owner-freebsd-questions@FreeBSD.ORG  Sat Dec 31 02:10:05 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 0FD7F16A41F
	for <freebsd-questions@freebsd.org>;
	Sat, 31 Dec 2005 02:10:05 +0000 (GMT)
	(envelope-from destroyingculture@netspace.net.au)
Received: from mail.netspace.net.au (whirlwind.netspace.net.au [203.10.110.76])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 3A26F43D45
	for <freebsd-questions@freebsd.org>;
	Sat, 31 Dec 2005 02:10:03 +0000 (GMT)
	(envelope-from destroyingculture@netspace.net.au)
Received: from nebuchadnezzar (220-253-51-110.VIC.netspace.net.au
	[220.253.51.110])
	by mail.netspace.net.au (Postfix) with ESMTP id B290912F182
	for <freebsd-questions@freebsd.org>;
	Sat, 31 Dec 2005 13:10:01 +1100 (EST)
Date: Sat, 31 Dec 2005 13:15:49 +1100 (EST)
From: caleb <destroyingculture@netspace.net.au>
X-X-Sender: caleb@nebuchadnezzar.my.domain
To: freebsd-questions@freebsd.org
Message-ID: <20051231130326.D699@nebuchadnezzar.my.domain>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Subject: ipnat -CF -f /etc/ipnat.rules
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 31 Dec 2005 02:10:05 -0000

Hi everyone,
            I have just put together a router/firewall using 5.4 RELEASE 
and IPFILTER. Everything is working fine except I have to manually flush 
the NAT table every time the router boots. below is my rc.conf and 
ipnat.rules, I have used rc.conf to start everything at boot;

/* rc.conf */

gateway_enable="YES"
sshd_enable="YES"
ifconfig_rl1="inet 10.0.0.1 netmask 255.255.255.0"
ifconfig_rl0="inet 192.168.0.1 netmask 255.255.255.0"
hostname="tweak"
ipfilter_enable="YES"
ipfilter_rules="/etc/ipf.rules"
ipmon_enable="YES"
ipmon_flags="-Ds"
ipnat_enable="YES"
ipnat_rules="/etc/ipnat.rules"
ppp_enable="YES"
ppp_mode="ddial"
ppp_nat="NO"
ppp_profile="netspace"
ppp_user="root"

/* ipnat.rules */

map tun0 192.168.0.0/24 -> 0/32


Is there something I am missing? I do not think it is ipf, as I have 
configured it to allow everything in and out. Could you please CC me if 
you decide to help.

Thankyou,

caleb
--
There is no spoon