Date: Tue, 24 Apr 2007 10:29:52 -0300 From: Patrick Tracanelli <eksffa@freebsdbrasil.com.br> To: ipfw@freebsd.org Subject: Re: ipfw with nat - allowing by MAC address Message-ID: <462E0650.50607@freebsdbrasil.com.br> In-Reply-To: <937e203f0704240111s303ddd5dt16a6587f06bba471@mail.gmail.com> References: <937e203f0704240111s303ddd5dt16a6587f06bba471@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Lubomir Georgiev escreveu: > Julian if you mean > this<http://lists.freebsd.org/pipermail/freebsd-ipfw/2007-April/002957.html>; > > > Then I did received it but Patrick's setup seemed much easier and he > claimed that it worked. This is why I decided to try his first. > But now that I've re-examined it I see that it's not that much more > complicated. I will try it tonight, but it the mean time if you have time > you can have a look at Patrick's ruleset. > > 10x everyone for your efforts. > The rules I sent you are still working right now ;) Just tested it again. If you could give us the pleasure to see your loaded rules when it does not work, as well as uname -a and sysctl -a | egrep "one_pass\|ether", this would help to. Try to minimize your setup only to the rules you are working in, since if existing, other rules unrelated to layer2 or upper layers may be matching first. -- Patrick Tracanelli FreeBSD Brasil LTDA. (31) 3281-9633 / 3281-3547 316601@sip.freebsdbrasil.com.br http://www.freebsdbrasil.com.br "Long live Hanin Elias, Kim Deal!"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?462E0650.50607>