From owner-freebsd-net@FreeBSD.ORG Mon May 19 12:17:12 2008 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E2FEF1065689; Mon, 19 May 2008 12:17:12 +0000 (UTC) (envelope-from sclark46@earthlink.net) Received: from elasmtp-dupuy.atl.sa.earthlink.net (elasmtp-dupuy.atl.sa.earthlink.net [209.86.89.62]) by mx1.freebsd.org (Postfix) with ESMTP id A9E638FC1D; Mon, 19 May 2008 12:17:12 +0000 (UTC) (envelope-from sclark46@earthlink.net) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=dk20050327; d=earthlink.net; b=Jolp9bRriViFbmzPgs2pVOLyuj5u8GQoc7BrXDp90aW0603/8O7KGAMJrdG9GyF8; h=Received:Message-ID:Date:From:Reply-To:User-Agent:MIME-Version:To:CC:Subject:References:In-Reply-To:Content-Type:Content-Transfer-Encoding:X-ELNK-Trace:X-Originating-IP; Received: from [24.144.77.185] (helo=joker.seclark.com) by elasmtp-dupuy.atl.sa.earthlink.net with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.67) (envelope-from ) id 1Jy41R-0006pq-Qw; Mon, 19 May 2008 07:59:21 -0400 Message-ID: <48316B98.5010503@earthlink.net> Date: Mon, 19 May 2008 07:59:20 -0400 From: Stephen Clark User-Agent: Thunderbird 2.0.0.14 (X11/20080501) MIME-Version: 1.0 To: linimon@freebsd.org References: <200805182247.m4IMlYqq015759@freefall.freebsd.org> In-Reply-To: <200805182247.m4IMlYqq015759@freefall.freebsd.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-ELNK-Trace: a437fbc6971e80f61aa676d7e74259b7b3291a7d08dfec7998a3fb009baedc987b502ad52f3effa0350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c X-Originating-IP: 24.144.77.185 Cc: freebsd-net@freebsd.org, gnats-admin@freebsd.org Subject: Re: kern/123796: FreeBSD 6.1+VPN+ipnat+ipf: port mapping does not work X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: sclark46@earthlink.net List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 May 2008 12:17:13 -0000 linimon@freebsd.org wrote: > Old Synopsis: Port mapping does not work > New Synopsis: FreeBSD 6.1+VPN+ipnat+ipf: port mapping does not work > > Responsible-Changed-From-To: gnats-admin->freebsd-net > Responsible-Changed-By: linimon > Responsible-Changed-When: Sun May 18 22:45:21 UTC 2008 > Responsible-Changed-Why: > Rescue this PR from the 'pending' category. > > http://www.freebsd.org/cgi/query-pr.cgi?pr=123796 > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > I had a similar problem until I turned on "options IPSEC_FILTERGIF" in my kernel config. Otherwise stuff coming out of the vpn tunnel doesn't go thru ipf. Steve -- "They that give up essential liberty to obtain temporary safety, deserve neither liberty nor safety." (Ben Franklin) "The course of history shows that as a government grows, liberty decreases." (Thomas Jefferson)