From owner-freebsd-questions@FreeBSD.ORG Tue Sep 11 03:45:40 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 391AB16A481 for ; Tue, 11 Sep 2007 03:45:40 +0000 (UTC) (envelope-from freebsd-questions@m.gmane.org) Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) by mx1.freebsd.org (Postfix) with ESMTP id B6AF513C469 for ; Tue, 11 Sep 2007 03:45:39 +0000 (UTC) (envelope-from freebsd-questions@m.gmane.org) Received: from list by ciao.gmane.org with local (Exim 4.43) id 1IUtfz-0007Gp-Ne for freebsd-questions@freebsd.org; Tue, 11 Sep 2007 02:32:24 +0200 Received: from lara.cc.fer.hr ([161.53.72.113]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 11 Sep 2007 02:32:23 +0200 Received: from ivoras by lara.cc.fer.hr with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 11 Sep 2007 02:32:23 +0200 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-questions@freebsd.org From: Ivan Voras Date: Mon, 10 Sep 2007 11:16:39 +0200 Lines: 37 Message-ID: References: <127823.54280.qm@web34607.mail.mud.yahoo.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-ripemd160; protocol="application/pgp-signature"; boundary="------------enig54869093AD563005315EB0F9" X-Complaints-To: usenet@sea.gmane.org X-Gmane-NNTP-Posting-Host: lara.cc.fer.hr User-Agent: Thunderbird 1.5.0.12 (X11/20060911) In-Reply-To: <127823.54280.qm@web34607.mail.mud.yahoo.com> X-Enigmail-Version: 0.94.4.0 Sender: news X-UiO-SPF-Received: Received-SPF: pass (mail-mx8.uio.no: domain of sea.gmane.org designates 80.91.229.5 as permitted sender) client-ip=80.91.229.5; envelope-from=news@sea.gmane.org; helo=sea.gmane.org; X-UiO-Spam-info: not spam, SpamAssassin (score=-3.0, required=12.0, autolearn=disabled, UIO_RECEIVED_FROM_NORWAY=-3) X-UiO-Scanned: 811EA5F2DA1FDD0D8A855325A29CDDC2B7219C89 X-UiO-SPAM-Test: remote_host: 80.91.229.5 spam_score: -29 maxlevel 200 minaction 2 bait 0 mail/h: 12 total 269 max/h 18 blacklist 0 greylist 0 ratelimit 0 Subject: Re: natd / ipfw services on internal interface X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Sep 2007 03:45:40 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig54869093AD563005315EB0F9 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable Joe wrote: > I have a question about natd/ and ipfw. I am running natd on my extern= al interface and I have some services on my internal interface.=20 >=20 > The services seem to be getting their ip addresses nat'd and some of th= em work and some of them dont. =20 >=20 > Any idea how to prevent things from going into natd? You should specify more information about your setup, but generally you=20 should be able to just insert a rule like "ipfw add xxx allow ip from=20 mynet/mask to mynet/mask", where "xxx" is the rule-number BEFORE your=20 natd redirection rule-number and mynet/mask describes your internal netwo= rk. --------------enig54869093AD563005315EB0F9 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFG5Qt4ldnAQVacBcgRA+LdAKDJl/ZT+tg7EZAg1ymQW0SNAAp4cQCfQtYU 9vz3Y1B7ADnNBzqKESuDREY= =I1LU -----END PGP SIGNATURE----- --------------enig54869093AD563005315EB0F9--