From owner-freebsd-jail@FreeBSD.ORG  Sat Jul 31 16:45:02 2010
Return-Path: <owner-freebsd-jail@FreeBSD.ORG>
Delivered-To: freebsd-jail@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 5B98C106566C
	for <freebsd-jail@freebsd.org>; Sat, 31 Jul 2010 16:45:02 +0000 (UTC)
	(envelope-from askjuise@gmail.com)
Received: from mail-qw0-f54.google.com (mail-qw0-f54.google.com
	[209.85.216.54])
	by mx1.freebsd.org (Postfix) with ESMTP id 0A74B8FC13
	for <freebsd-jail@freebsd.org>; Sat, 31 Jul 2010 16:45:01 +0000 (UTC)
Received: by qwk3 with SMTP id 3so851589qwk.13
	for <freebsd-jail@freebsd.org>; Sat, 31 Jul 2010 09:45:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:mime-version:received:received:in-reply-to
	:references:date:message-id:subject:from:to:cc:content-type;
	bh=gp3TSNiphKnPO+Qr5tVZrgH/APR0jIXnRhcWhlX/SVw=;
	b=n03qZ+ZEaRyXy1KMqFuxt9JHaElCzi+DA976UP2lbZZV9oCeQhCD36f2rZiq1de7gr
	M2sUHKbKvRJxUxwl+S1t7SDjic72oSILc/nBkJxgUGlWh85wE+iirzXNBnzM9iFx1KIE
	s62/kBS5y/uN5tdQ5jq3gJO68u5Rhewj0yU6s=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:cc:content-type;
	b=euwllkISW6XmbTrQlX+9Edabib4lRJwk9lvtDE2pc0BsfkzP0gZ+m/oK1QIqz281P8
	jtgGp2ix4dCGKthLxtWqGeYtAD/9YnUfVUQHrq/cJGt2NaLcW2QVSeo+OVAyq8fgoJ8k
	9axuiEsEdrqFWEgGX1ZDzkEIOmibuRcPp4dL0=
MIME-Version: 1.0
Received: by 10.220.168.10 with SMTP id s10mr2344546vcy.50.1280594700968; Sat, 
	31 Jul 2010 09:45:00 -0700 (PDT)
Received: by 10.220.190.5 with HTTP; Sat, 31 Jul 2010 09:45:00 -0700 (PDT)
In-Reply-To: <AANLkTinGGXWR7JxSA96RdECTpshmPSxiwr+e6eRdLQWH@mail.gmail.com>
References: <AANLkTinfQrE=eRSQ1gEFQfoib=9=PC4einxBWTqFBhyj@mail.gmail.com>
	<AANLkTimgsDa+1_JA86CeLefHnZQ2OaAB7RnFU8gVsFM=@mail.gmail.com>
	<AANLkTinGGXWR7JxSA96RdECTpshmPSxiwr+e6eRdLQWH@mail.gmail.com>
Date: Sun, 1 Aug 2010 00:45:00 +0800
Message-ID: <AANLkTimNO2QxiOZmV7snRGjS_dYu-QcPC0aPueghmmHW@mail.gmail.com>
From: Alexander Petrovsky <askjuise@gmail.com>
To: Rick van der Zwet <info@rickvanderzwet.nl>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Cc: freebsd-jail@freebsd.org
Subject: Re: trouble getting Jail with IPFW+NAT to work
X-BeenThere: freebsd-jail@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Discussion about FreeBSD jail\(8\)" <freebsd-jail.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
	<mailto:freebsd-jail-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-jail>
List-Post: <mailto:freebsd-jail@freebsd.org>
List-Help: <mailto:freebsd-jail-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-jail>,
	<mailto:freebsd-jail-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 31 Jul 2010 16:45:02 -0000

This is too stupid rule:

${fwcmd} add nat 200 all from 10.0.0.0/24 to any via re0
${fwcmd} nat 200 config if re0

Try like someting like this:

${fwcmd} add nat 1 all from 10.0.0.0/24 to any out recv lo1 xmit re0
${fwcmd} add nat 1 all from any to 78.46.85.230 in recv re0
${fwcmd} nat 1 config if re0

or this:

${fwcmd} add nat 1 all from 10.0.0.0/24 to any out via re0
${fwcmd} add nat 1 all from any to 78.46.85.230 in via re0
${fwcmd} nat 1 config if re0


2010/7/31 Rick van der Zwet <info@rickvanderzwet.nl>

> On 31 July 2010 16:06, Alexander Petrovsky <askjuise@gmail.com> wrote:
> > Show ifconfig plz!
> > Show netstat -arn!
>
> %ifconfig -a
> re0: flags=3D8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 15=
00
>
>  options=3D389b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_UCA=
ST,WOL_MCAST,WOL_MAGIC>
>        ether 40:61:86:e9:d3:12
>        inet 78.46.85.230 netmask 0xffffffe0 broadcast 78.46.85.255
>        inet6 fe80::4261:86ff:fee9:d312%re0 prefixlen 64 scopeid 0x1
>        inet6 2a01:4f8:120:13a3::2 prefixlen 59
>        inet 78.46.112.168 netmask 0xfffffff0 broadcast 78.46.112.175
>        media: Ethernet autoselect (100baseTX <full-duplex>)
>        status: active
> lo0: flags=3D8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
>        options=3D3<RXCSUM,TXCSUM>
>        inet 127.0.0.1 netmask 0xff000000
>        inet6 ::1 prefixlen 128
>        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
>        inet 127.0.0.2 netmask 0xffffffff
>        inet 127.0.0.3 netmask 0xffffffff
> lo1: flags=3D8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
>        options=3D3<RXCSUM,TXCSUM>
>        inet 10.0.0.1 netmask 0xffffff00
>        inet 10.0.0.2 netmask 0xffffff00
> %netstat -am
> 257/3328/3585 mbufs in use (current/cache/total)
> 256/2318/2574/25600 mbuf clusters in use (current/cache/total/max)
> 256/1792 mbuf+clusters out of packet secondary zone in use (current/cache=
)
> 0/263/263/12800 4k (page size) jumbo clusters in use
> (current/cache/total/max)
> 0/0/0/6400 9k jumbo clusters in use (current/cache/total/max)
> 0/0/0/3200 16k jumbo clusters in use (current/cache/total/max)
> 576K/6520K/7096K bytes allocated to network (current/cache/total)
> 0/0/0 requests for mbufs denied (mbufs/clusters/mbuf+clusters)
> 0/0/0 requests for jumbo clusters denied (4k/9k/16k)
> 0/0/0 sfbufs in use (current/peak/max)
> 0 requests for sfbufs denied
> 0 requests for sfbufs delayed
> 139 requests for I/O initiated by sendfile
> 0 calls to protocol drain routines
>
> /Rick
> --
> http://rickvanderzwet.nl
>



--=20
=D0=9F=D0=B5=D1=82=D1=80=D0=BE=D0=B2=D1=81=D0=BA=D0=B8=D0=B9 =D0=90=D0=BB=
=D0=B5=D0=BA=D1=81=D0=B0=D0=BD=D0=B4=D1=80 / Alexander Petrovsky,

ICQ: 350342118
Jabber: juise@jabber.ru
Phone: +7 914 8 820 815