From owner-freebsd-current@FreeBSD.ORG Thu Oct 21 13:20:27 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E970B16A4CE for ; Thu, 21 Oct 2004 13:20:27 +0000 (GMT) Received: from vsmtp1.tin.it (vsmtp1.tin.it [212.216.176.141]) by mx1.FreeBSD.org (Postfix) with ESMTP id A2B4C43D46 for ; Thu, 21 Oct 2004 13:20:27 +0000 (GMT) (envelope-from rionda@gufi.org) Received: from kaiser.sig11.org (82.50.112.121) by vsmtp1.tin.it (7.0.027) id 416FD1FE002ADCCB for freebsd-current@freebsd.org; Thu, 21 Oct 2004 15:20:27 +0200 Received: from [127.0.0.1] (localhost [127.0.0.1]) by kaiser.sig11.org (Postfix) with ESMTP id 062F711C for ; Thu, 21 Oct 2004 15:20:25 +0200 (CEST) From: Matteo Riondato To: freebsd-current@freebsd.org Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-o7bKXl5g99a0RMWc1VL/" Message-Id: <1098364825.16153.30.camel@kaiser.sig11.org> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.6 Date: Thu, 21 Oct 2004 15:20:25 +0200 Subject: Is PF nat broken? X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: rionda@gufi.org List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Oct 2004 13:20:28 -0000 --=-o7bKXl5g99a0RMWc1VL/ Content-Type: text/plain Content-Transfer-Encoding: quoted-printable I switched from PPP -nat + IPFW to PF for nat and packet filtering. It seems to me that nat does not work with pf: This are my rules in /etc/pf.conf : ext_if =3D "tun0" wifi_if =3D "rl0" eth_if =3D "fxp1" wifi_net =3D "192.168.1.0/27" eth_net =3D "192.168.0.0/29" [snip] nat on $ext_if from $wifi_net to any -> ($ext_if) nat on $ext_if from $eth_net to any -> ($ext_if) [snip filtering rules] In rc.conf I have gateway_enable=3D"YES" ppp_enable=3D"YES" ppp_mode=3D"ddial" ppp_nat=3D"NO" ppp_profile=3D"eth" pf_enable=3D"YES" pf_rules=3D"/etc/pf.conf" [snip] Please note that I'm using pf.ko, not in-kernel support. There isn't a "nat enable yes" line in /etc/ppp/ppp.conf Any help will be appreciated. Best Regards --=20 Rionda aka Matteo Riondato GUFI Staff Member (http://www.gufi.org) FreeSBIE Developer (http://www.freesbie.org) BSD-FAQ-it Main Developer (http://utenti.gufi.org/~rionda) Sent from: kaiser.sig11.org running FreeBSD-6.0-CURRENT --=-o7bKXl5g99a0RMWc1VL/ Content-Type: application/pgp-signature; name=signature.asc Content-Description: Questa parte del messaggio =?ISO-8859-1?Q?=E8?= firmata -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.5 (FreeBSD) iD8DBQBBd7eZ2Mp4pR7Fa+wRAgvfAJ9ZN6vhzopTU2i6QdtUttNEZ8UOpQCgk/Uv V27AStF8DgrIh6+EDPEvKH4= =hPWb -----END PGP SIGNATURE----- --=-o7bKXl5g99a0RMWc1VL/--