Date: Thu, 3 Sep 2015 11:46:14 -0300 From: Mario Lobo <lobo@bsd.com.br> To: Sergey Grigorian <grigorian@theconcept.ru> Cc: Mike Tancsa <mike@sentex.net>, "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Re: 10.2-RELEASE not forwarding packets/NATing with pf Message-ID: <20150903114614.17c98a13@Papi> In-Reply-To: <5C137CAA56211A448C4F58E75EFB6266C285E5CC@EXCHANGE.lan.theconcept.ru> References: <5C137CAA56211A448C4F58E75EFB6266C285B582@EXCHANGE.lan.theconcept.ru> <55E84B51.7070103@sentex.net> <5C137CAA56211A448C4F58E75EFB6266C285E5CC@EXCHANGE.lan.theconcept.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 3 Sep 2015 14:04:54 +0000 Sergey Grigorian <grigorian@theconcept.ru> wrote: > > On 9/3/2015 7:49 AM, Sergey Grigorian wrote: > > > > > > And here's /etc/sysctl.conf: > > > > > > net.inet.ip.forwarding=1 > > > > > > Hi, > > This does not work the way it might have in the past. Make > > sure you set gateway_enable="YES" > > in /etc/rc.conf > > otherwise, devd and /etc/rc.d/routing will reset > > net.inet.ip.forwarding to 0 on certain network events. > > > > ---Mike > > Mike, > thanks for your suggestion. > I have gateway_enable="YES" set in /etc/rc.conf > Is there anything else I miss? > > Here's the /etc/rc.conf itself: > defaultrouter=172.16.0.1 > ifconfig_hn0="inet 172.16.0.3 netmask 255.255.255.0" > ifconfig_hn0_alias0="inet 172.16.0.4 netmask 255.255.255.255" > ifconfig_hn1="inet 172.16.1.1 netmask 255.255.255.0" > ifconfig_hn1_alias0="inet 172.16.1.7 netmask 255.255.255.255" > gateway_enable="YES" > pf_enable="YES" > pflog_enable="YES" > sshd_enable="YES" > ntpd_enable="YES" > ntpd_sync_on_start="YES" > cron_enable="YES" > cron_flags="-j 60 -J 60" > syslogd_flags="-ss" > sendmail_enable="NO" > sendmail_submit_enable="NO" > sendmail_outbound_enable="NO" > sendmail_msp_queue_enable="NO" > accounting_enable="YES" > tcp_drop_synfin="YES" > icmp_drop_redirect="YES" > clear_tmp_enable="YES" > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" I know this sounds obvious but do you have device pf device pflog in your kernel? or pf.ko loaded ? -- Mario Lobo http://www.mallavoodoo.com.br FreeBSD since 2.2.8 [not Pro-Audio.... YET!!] "UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150903114614.17c98a13>