Date:      Fri, 30 Apr 2010 07:17:29 -0400
From:      Lee Dilkie <Lee@dilkie.com>
To:        Robert Huff <roberthuff@rcn.com>
Cc:        ipfw@freebsd.org
Subject:   Re: help wanted with NAT under ipfw
Message-ID:  <4BDABC49.2040600@dilkie.com>
In-Reply-To: <19418.39843.266203.180601@jerusalem.litteratus.org>
References:  <19418.39843.266203.180601@jerusalem.litteratus.org>

On 4/30/2010 4:58 AM, Robert Huff wrote:
> 	I have been trying to get NAT working under ipfw on:
>
> FreeBSD 9.0-CURRENT #0: Fri Apr 23 11:34:17 EDT 2010 amd64 
>
> 	and failing.
> 	The ipfw part works fine.  I'm using:
>
> ipfw_load="YES"
> ipfw_nat_load="YES"	# in-kernel ipfw nat
> libalias_load="YES"	# for in-kernel ipfw nat
>
> 	my ipfw rules are appended.
> 	However, the moment I do this:
>
> ipfw add 5000 nat 15 all from any to any
> ipfw nat 15 config log same_ports if em0
>
> 	the machine is cut off from the outside world.  Removing that
> rule makes things right again.  (Obviously checking whether NAT is
> happening is useless.)
> 	I've read the man page; I've read the Handbook.  Neither are
> helpful.
> 	What am I doing wrong?
>
>   

Not an expert by any means, but I put the config line first and it
matches the same number as the nat rule.

i.e.

ipfw nat 5000 config ...
ipfw add nat 5000 ipv4 from any to any via fxp0 (I specify the interface)

Not sure if that'll help.

-lee
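
The reply raises two points: the nat instance is configured before a rule uses it, and the nat rule names an interface. The script below is an added example, not part of either message, that checks a list of ipfw commands for those two points. The function names (check_nat_rules, question_sample, reply_sample) and the sample inputs are constructed for illustration; the script only reports the two conditions and does not establish which, if either, caused the lockout described in the question.

```shell
#!/bin/sh
# Added example, not from the thread: lint ipfw command lines for the two
# points the reply raises (config before use, interface on the nat rule).

check_nat_rules() {
    awk '
    # "ipfw nat N config ..." defines NAT instance N.
    $1 == "ipfw" && $2 == "nat" && $4 == "config" { configured[$3] = NR; next }

    # "ipfw add [rulenum] nat N ..." sends matching packets to instance N.
    $1 == "ipfw" && $2 == "add" {
        i = 3
        if ($i ~ /^[0-9]+$/) i++            # skip the optional rule number
        if ($i != "nat") next
        inst = $(i + 1)
        if (!(inst in configured))
            printf "line %d: nat %s used before any \"nat %s config\"\n", NR, inst, inst
        scoped = 0
        for (j = i + 2; j <= NF; j++)
            if ($j == "via" || $j == "recv" || $j == "xmit") scoped = 1
        if (!scoped)
            printf "line %d: nat %s rule has no interface match (via/recv/xmit)\n", NR, inst
    }'
}

# Constructed input: the two commands from the question, in the order given.
question_sample() {
    cat <<'EOF'
ipfw add 5000 nat 15 all from any to any
ipfw nat 15 config log same_ports if em0
EOF
}

# Constructed input: the two commands from the reply, "..." left as written.
reply_sample() {
    cat <<'EOF'
ipfw nat 5000 config ...
ipfw add nat 5000 ipv4 from any to any via fxp0
EOF
}

echo "question:"; question_sample | check_nat_rules
echo "reply:";    reply_sample | check_nat_rules
```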


