Date: Tue, 30 Mar 1999 16:53:43 -0800
From: "Michael Bryan" <fbsd-isp@ursine.com>
To: "Troy Settle" <rewt@i-Plus.net>, "(ML) FreeBSD ISP" <freebsd-isp@FreeBSD.ORG>
Subject: Re: IPFW - NATD Weirdness
Message-ID: <199903301653430000.573D8A4A@quaggy.ursine.com>
In-Reply-To: <Pine.BSF.4.10.9903301819020.17275-100000@buggy.i-plus.net>
References: <Pine.BSF.4.10.9903301819020.17275-100000@buggy.i-plus.net>

Troy Settle wrote:

>[...]
>Coming off the FreeBSD box on ed2, is a customer network (10.10.100.0/24)
>
># ifconfig -a
>ed1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>        inet 209.100.20.126 netmask 0xffffffe0 broadcast 209.100.20.127
>        ether 00:60:67:65:b0:30
>ed2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
>        inet 10.10.100.1 netmask 0xffffff00 broadcast 10.10.100.255
>        ether 00:60:67:4e:23:b2
>
>natd is running bare: natd -n ed1
>
>Everything works fine until I add the ipfw rules to enable network address
>translation:
>
>    ipfw add 00100 pass all from any to any via lo0
>    ipfw add 00200 deny all from any to 127.0.0.0/8
>    ipfw add 00300 divert natd all from any to any via ed1
>    ipfw add 65535 allow ip from any to any

If ed2 contains the addresses you want to hide/translate, then shouldn't
you have "natd -n ed2", as well as "via ed2" in the ipfw divert rule?

Michael Bryan
fbsd-isp@ursine.com

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message