From: Paolo Pisati
To: Randy Bush
Cc: FreeBSD Net, "Andrey V. Elsukov", Paolo Pisati
Date: Tue, 9 Oct 2007 00:27:42 +0200
Subject: Re: ipfw nat befuddlement

On Mon, Oct 08, 2007 at 08:11:56PM +0900, Randy Bush wrote:
> > or substitute natd_enable/natd_interface in rc.conf with:
> > firewall_nat_enable="yes"
> > firewall_nat_interface="$IF"
>
> aha! that stuff is not in /etc/defaults/rc.conf

oops... forgot to commit it... :P

> extracted from /etc/rc.conf
>
> ifconfig_vr0=DHCP
> ifconfig_ath0="192.168.0.1 channel 4 ssid foo mediaopt hostap up"
> gateway_enable=YES
>
> # grep nat /etc/ipfw.rules
> nat 42 config if vr0 log
> add nat 42 ip4 from any to any via vr0
>
> # sysctl net.inet.ip.fw.one_pass
> net.inet.ip.fw.one_pass: 0
>
> system boots and vr0 gets a dhcp address successfully
>
> dhcpd is running
>
> wireless client successfully associates with ath0, but can not get dhcp
> address

is your ruleset/config ok? can you post it?
try to substitute the "nat 42 ip4 from any to any via vr0" rule with a
divert rule, and config & start natd: does this config work as expected?

bye,
P.