Date: Tue, 10 Sep 2002 00:02:32 +0000 From: "D. Penev" <dpenev@mail.bg> To: Cherie Powell <cpowell1@mindspring.com> Cc: freebsd-questions@FreeBSD.org Subject: Re: One way cable modem/ipfilter Message-ID: <20020910000232.GB313@earth.dpsca.bg> In-Reply-To: <20020909193913.32932937E4@server2.fastmail.fm> References: <20020909193913.32932937E4@server2.fastmail.fm>
next in thread | previous in thread | raw e-mail | index | archive | help
Just a idea, try to forward traffic who came in vx0 to tun0. On Mon, Sep 09, 2002 at 07:39:13PM +0000, Cherie Powell wrote: >Date: Mon, 9 Sep 2002 19:39:13 UT >From: "Cherie Powell" <cpowell1@mindspring.com> >To: freebsd-questions@FreeBSD.org >Subject: Re: One way cable modem/ipfilter > >On Mon, 9 Sep 2002 22:09:37 +0000, "D. Penev" <dpenev@mail.bg> said: >> According to you explanation I suppose that you use ppp -nat to make >> address translation of private ip's , that in this situation is not >> correct. >> Try to use ipnat(8) for ip translation. > >I am doing exactly that. Here's my rules: >#ipnat -l >List of active MAP/Redirect filters: >map tun0 10.8.0.0/24 -> 0.0.0.0/32 proxy port ftp ftp/tcp >map tun0 10.8.0.0/24 -> 0.0.0.0/32 > >As I said before, it (the firewall) just doesn't seem to know what to >do with the packets when it gets them back through vx0. > >Someone here at work told me it might work to create a loopback >interface and forward all the packets through that. (I'm assuming he >means xl0 -> lo0 -> tun0 and vx0 -> lo0 -> xl0.) He couldn't tell me >how exactly to do that, though. > >I don't suppose any of this prompts any further suggestions? :-) > >Cherie > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message -- Regards, D. Penev To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020910000232.GB313>