From owner-freebsd-hackers  Mon Jan 13 13:58:54 1997
Return-Path: <owner-hackers>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.4/8.8.4) id NAA08930
          for hackers-outgoing; Mon, 13 Jan 1997 13:58:54 -0800 (PST)
Received: from cheops.anu.edu.au (avalon@cheops.anu.edu.au [150.203.76.24])
          by freefall.freebsd.org (8.8.4/8.8.4) with ESMTP id NAA08910
          for <hackers@freebsd.org>; Mon, 13 Jan 1997 13:58:50 -0800 (PST)
Message-Id: <199701132158.NAA08910@freefall.freebsd.org>
Received: by cheops.anu.edu.au
	(1.37.109.16/16.2) id AA066992662; Tue, 14 Jan 1997 08:57:42 +1100
From: Darren Reed <avalon@coombs.anu.edu.au>
Subject: Re: IPFILTER
To: chris@mail.bb.cc.wa.us (Chris Coleman)
Date: Tue, 14 Jan 1997 08:57:42 +1100 (EDT)
Cc: tinguely@plains.nodak.edu, brian@awfulhak.demon.co.uk, hackers@freebsd.org
In-Reply-To: <Pine.BSF.3.91.970113103942.478B-100000@mail.bb.cc.wa.us> from "Chris Coleman" at Jan 13, 97 11:02:04 am
X-Mailer: ELM [version 2.4 PL23]
Content-Type: text
Sender: owner-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

In some mail from Chris Coleman, sie said:
> 
> Ok, i have a machine on 10.16.14.10
> 
> in the FBSD box i have two network cards.
> 		fxp0 inet 208.8.136.10
> 		fxp1 inet 10.16.14.1
> 
> i have ipfilter loaded in the kernel.
> 
> im using /etc/natrules
> 
> 	map fxp1 10.16.14.0/24 208.8.136.13/24 portmap tcp/udp 1025:65000
> 	map fxp1 10.16.14.0/24 208.8.136.13/24

Try fpx0 instead of fpx1.  When configuring IP Filter for NAT, you always
specify the interface on which the packets exit (or are meant to exit)
the box - i.e. the interface with the real Internet address.

Darren