Date: Fri, 11 Dec 2009 15:45:31 +0300 From: =?koi8-r?Q?=E1=CE=C4=D2=C5=CA_=F3=CD=C1=C7=C9=CE?= <samspeed@mail.ru> To: freebsd-current@freebsd.org Subject: ipfw setfib+nat drop localy borned packets Message-ID: <E1NJ4sF-0005Zh-00.samspeed-mail-ru@f212.mail.ru>
next in thread | raw e-mail | index | archive | help
ipfw drop packets borned on local PC, but from another all work fine bridge0 172.17.1.200/16 tap1 192.168.6.2/24 ipfw nat 2 config ip 192.168.6.2 same_ports route add default 172.17.1.200 setfib -F 2 route add default 192.168.6.1 ipfw add 10000 skipto 50206 ip from 172.17.0.0/16 to not 172.17.0.0/16 ipfw add 50205 nat 2 ip from any to 192.168.6.2 ipfw add 50206 setfib 2 ip from any to any ipfw add 50207 nat 2 log ip from any to any ---------------------- from local machine: PING internet (xxx.xxx.xxx.xx): 56 data bytes ping: sendto: Host is down ping: sendto: Host is down ping: sendto: Host is down tail /var/log/messages kernel: ipfw: 50207 Nat ICMP:8.0 172.17.1.200 internet out via bridge0 ----------------------- from another host in 172.17.0.0/16 network all packets routed rightly
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E1NJ4sF-0005Zh-00.samspeed-mail-ru>