From: s m
To: "Daniel O'Callaghan"
Cc: freebsd-questions@freebsd.org
Date: Tue, 16 Apr 2013 11:35:21 +0430
Subject: Re: Fwd: how access inside from outside when nat is done from inside to outside
In-Reply-To: <515D3715.9080206@clari.net.au>

Thanks Danny, but I'm using pf to define rules and pfctl to apply them.

First of all, it is so important for me to understand what exactly should happen and what the correct behavior is in FreeBSD. I mean, when I define NAT from inside to outside, should outside systems be able to access inside systems or not (for example, ping them)? I am so confused about what the correct manner is.

Any hints or comments that help to clear it up for me are really appreciated.

SAM

On 4/4/13, Daniel O'Callaghan wrote:
> On 4/04/2013 6:41 PM, s m wrote:
>> request packets: src:192.168.2.1----> dst: 192.168.1.1
>> reply packets: src: 192.168.2.50----> dst:192.168.2.1
> This sort of thing tends to happen when the packets are not being
> sent via divert socket properly.
> Look carefully, step by step, at your ipfw rules which send packets to
> natd.
> Also, run natd -v in a separate window instead of running it as a
> daemon, and it will show you the packets which go through natd, and what
> is done with them.
>
> regards,
>
> Danny