From owner-freebsd-questions@FreeBSD.ORG  Tue Jul 20 17:04:00 2010
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 33504106564A
	for <freebsd-questions@freebsd.org>;
	Tue, 20 Jul 2010 17:04:00 +0000 (UTC)
	(envelope-from norgaard@locolomo.org)
Received: from mail.locolomo.org (97.pool85-48-194.static.orange.es
	[85.48.194.97]) by mx1.freebsd.org (Postfix) with ESMTP id D66B58FC19
	for <freebsd-questions@freebsd.org>;
	Tue, 20 Jul 2010 17:03:59 +0000 (UTC)
Received: from beta.local (business-088-079-092-162.static.arcor-ip.net
	[88.79.92.162])
	by mail.locolomo.org (Postfix) with ESMTPSA id 32CE51C0871
	for <freebsd-questions@freebsd.org>;
	Tue, 20 Jul 2010 19:03:57 +0200 (CEST)
Message-ID: <4C45D6FC.5010601@locolomo.org>
Date: Tue, 20 Jul 2010 19:03:56 +0200
From: Erik Norgaard <norgaard@locolomo.org>
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US;
	rv:1.9.2.4) Gecko/20100608 Lightning/1.0b2 Thunderbird/3.1
MIME-Version: 1.0
To: freebsd-questions@freebsd.org
References: <AANLkTilVTo36Fzdh2DKAQhRjyDj8MNUuV9dhwvQ7Gf-V@mail.gmail.com>	<AANLkTinh0CykJ1Av3f2THPDFOLS0YtYLDvRMHXm_wD3w@mail.gmail.com>	<4C3F91CF.5090206@locolomo.org>	<AANLkTin6hYyHiG8taifkNHPBtKI0rKOkAaGRYodV1LLC@mail.gmail.com>	<4C419944.8030702@locolomo.org>	<AANLkTin8H47Z7suztGnWpa8fm-XIagQ6vzlxP85OIT-B@mail.gmail.com>	<4C447F7F.6020308@locolomo.org>	<AANLkTinM1E2Obrs8VqSsm3S_jcXqbw_Q1YLkc51tgJsS@mail.gmail.com>	<4C45CBA3.9020800@comclark.com>
	<AANLkTileySmaFe4WCud1_MFWXnlHsnNF6DEQUgsmSHE1@mail.gmail.com>
In-Reply-To: <AANLkTileySmaFe4WCud1_MFWXnlHsnNF6DEQUgsmSHE1@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: ipnat.conf - map and rdr won't work!
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Jul 2010 17:04:00 -0000

On 20/07/10 18.37, alexus wrote:

>> You are running 2 different firewalls at the same time.
>> comment out
>> firewall_enable="YES"
>> firewall_type="open"
>>
>> and reboot your system.
> do you know that for a fact or you just guessing??
>
> because first of all it worked before just fine with 2 firewalls
> second i disabled firewall, so firewall is no longer an issue
> third i have another system just like that that runs 2 firewall and
> everything working just fine!
>
> if you dont know the answer there is no need to throw just any answer
> as its pretty clear that this isn't the right answer

Regardless of your previous experience, it is a bad idea to have two 
different firewalls configured and enabled at the same time. It provides 
no additional security and makes debugging a mess.

Have you considered the possibility of both ipfw and ipfilter doing both 
filtering and nat?

Another thing, I think I've mentioned before, you may have to reload 
firewall/nat rules after the jail starts.

BR, Erik