From owner-freebsd-ipfw Sun Feb 24 20: 9:38 2002 Delivered-To: freebsd-ipfw@freebsd.org Received: from sithdroid.ns1.com.br (sithdroid.ns1.com.br [200.185.44.17]) by hub.freebsd.org (Postfix) with ESMTP id 6938F37B400 for ; Sun, 24 Feb 2002 20:09:32 -0800 (PST) Received: from ivan (20217.virtua.com.br [200.213.202.17] (may be forged)) by sithdroid.ns1.com.br (8.12.2/8.12.2) with SMTP id g1P49FeO002195 for ; Mon, 25 Feb 2002 01:09:18 -0300 (BRT) Message-ID: <000e01c1bcea$9ac5ada0$11cad5c8@mshome.net> From: "Ivan Coimbra" To: Subject: IPFW really doesn't work with non-local adresses!!! Date: Sun, 24 Feb 2002 01:20:32 -0300 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hi, I am using FreeBSD 4.5, totally updated by the last RELENG_4. Internal Interface: 10.2.7.89 External Interface: 200.122.56.78 I need use the ipfw forward (NO NAT!!!), the packages cannot be changed, it has to maintain its original source! My active options in kernel are: options IPFIREWALL options IPFIREWALL_DEFAULT_TO_ACCEPT options IPFIREWALL_FORWARD net.inet.ip.forwarding: 1 Rules: su-2.05a #ipfw show 00100 20 1053 fwd 10.2.7.89,25 tcp from any to any 80 65535 20758 3155253 allow ip from any to any This works perfectly, because 10.2.7.89 are a local address!! But when I try with non-local addresses: su-2.05a #ipfw show 00100 20 1053 fwd 10.2.7.90,25 tcp from any to any 80 65535 20758 3155253 allow ip from any to any NOTHING WORKS!! PS: 10.2.7.90 are the same network! Can anybody help me?? There are days I don't get any answer! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message