Date: Mon, 08 Oct 2007 20:11:56 +0900
From: Randy Bush <randy@psg.com>
To: Paolo Pisati <piso@freebsd.org>
Cc: FreeBSD Net <freebsd-net@freebsd.org>, "Andrey V. Elsukov" <bu7cher@yandex.ru>
Subject: Re: ipfw nat befuddlement
Message-ID: <470A107C.9000509@psg.com>
In-Reply-To: <20071008082256.GA9098@tin.it>
References: <4708D2EE.4010405@psg.com> <4709D44E.5050305@psg.com> <4709D647.1050803@yandex.ru> <20071008082256.GA9098@tin.it>

>>> # grep -n nat /etc/ipfw.rules
>>> 33:add nat 123 all from any to any
>>> 34:add nat 123 config if vr0
>>     ^^^^^^^^ - add is not needed here.

thanks andrey

> ipfw nat crash course:
>
> echo "net.inet.ip.fw.one_pass=0" >> /etc/sysctl.conf
>
> and manually add:
>
> ipfw nat 123 config if $IF log
> ipfw add nat 123 ip4 from any to any via $IF

hmmm. did that. see below

> or substitute natd_enable/natd_interface in rc.conf with:
>
> firewall_nat_enable="yes"
> firewall_nat_interface="$IF"

aha! that stuff is not in /etc/defaults/rc.conf

extracted from /etc/rc.conf

ifconfig_vr0=DHCP
ifconfig_ath0="192.168.0.1 channel 4 ssid foo mediaopt hostap up"
gateway_enable=YES

# grep nat /etc/ipfw.rules
nat 42 config if vr0 log
add nat 42 ip4 from any to any via vr0

# sysctl net.inet.ip.fw.one_pass
net.inet.ip.fw.one_pass: 0

system boots and vr0 gets a dhcp address successfully

dhcpd is running

wireless client successfully associates with ath0, but can not get dhcp address

Oct 8 11:05:33 soek0 dhcpd: DHCPDISCOVER from 00:18:de:21:76:c9 via ath0
Oct 8 11:05:33 soek0 dhcpd: DHCPOFFER on 192.168.0.10 to 00:18:de:21:76:c9 via ath0

using wireshark on the client, i see the request but not the response.

randy