From owner-freebsd-ipfw@FreeBSD.ORG Wed Nov 28 10:39:39 2007 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7672916A41A for ; Wed, 28 Nov 2007 10:39:39 +0000 (UTC) (envelope-from tobias@netconsultoria.com.br) Received: from srv1.netconsultoria.com.br (srv1.netconsultoria.com.br [189.1.176.252]) by mx1.freebsd.org (Postfix) with ESMTP id B5C5713C45A for ; Wed, 28 Nov 2007 10:39:38 +0000 (UTC) (envelope-from tobias@netconsultoria.com.br) Received: from [172.16.16.100] (mailgw.ntelecom.com.br [189.1.176.249]) (authenticated bits=0) by srv1.netconsultoria.com.br (8.13.8/8.13.3) with ESMTP id lASABHAm048677; Wed, 28 Nov 2007 08:11:20 -0200 (BRST) (envelope-from tobias@netconsultoria.com.br) Message-ID: <474D3EC5.5070102@netconsultoria.com.br> Date: Wed, 28 Nov 2007 08:11:17 -0200 From: "Tobias P. Santos" User-Agent: Thunderbird 1.5.0.7 (X11/20060909) MIME-Version: 1.0 To: Sam Wun References: <736c47cb0711271803o46dd89d8te49d5969fd358d15@mail.gmail.com> In-Reply-To: <736c47cb0711271803o46dd89d8te49d5969fd358d15@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: ClamAV 0.88.7/4934/Tue Nov 27 21:17:17 2007 on srv1.netconsultoria.com.br X-Virus-Status: Clean Cc: freebsd-ipfw@freebsd.org Subject: Re: ipfw forwarding doesn't work - for more than 2 months. --- please help X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Nov 2007 10:39:39 -0000 Sam Wun wrote: > Hi, > > I setup the following ipfw rules in freebsd 6.2: > belmore# ipfw list > 00001 allow udp from any to any dst-port 500 > 00001 allow esp from any to any > 00001 allow esp from any to any > 00001 allow ipencap from any to any > 00001 allow ipencap from any to any > 00020 fwd 192.168.1.222 ip from any to 220.233.24.213 dst-port 80 in Try to remove the "in" keyword on rule 20 and see if it works. Regars, Tobias.