From owner-freebsd-stable Tue Nov 14 0: 1: 2 2000 Delivered-To: freebsd-stable@freebsd.org Received: from osiris.osiricom.co.za (rdg-dial-196-30-237-191.mweb.co.za [196.30.237.191]) by hub.freebsd.org (Postfix) with ESMTP id CF75837B479 for ; Tue, 14 Nov 2000 00:00:54 -0800 (PST) Received: from osiricom.co.za (boesman [192.168.1.30]) by osiris.osiricom.co.za (8.8.8/SCO5) with ESMTP id JAA04529 for ; Tue, 14 Nov 2000 09:35:26 -0200 (SAT) Message-ID: <3A10128C.FAE151D2@osiricom.co.za> Date: Mon, 13 Nov 2000 18:10:52 +0200 From: Wim Olivier Reply-To: wimo@osiricom.co.za Organization: Osiricom Professional Services X-Mailer: Mozilla 4.72 [en] (Win98; I) X-Accept-Language: en MIME-Version: 1.0 To: FreeBSD-stable Subject: natd & ipfw on FreeBSD 4.0-RELEASE Content-Type: multipart/mixed; boundary="------------004E72D227BA5C12EBF9158E" Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG This is a multi-part message in MIME format. --------------004E72D227BA5C12EBF9158E Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Hi all, I'm running FBSD 4.0-RELEASE with two nics, using natd & ipfw. Set is "perfect" and using 'open' firewall type in /etc/rc.conf. When I ping through the BSD nat box to my internet router or from the BSD box to the router I see the packets arrive at the router (activity on the router LAN port), but no packets are being received. In other words, it works one-way but not the other way. This is my nat config: 00100 9 316 divert 8668 ip from any to any via ed2 00100 0 0 allow ip from any to any via lo0 00200 0 0 deny ip from any to 127.0.0.0/8 65000 494 41247 allow ip from any to any 65535 0 0 deny ip from any to any Any thoughts? Thanks. -- Kind Regards, Wim Olivier Principal Consultant - UNIX Systems Professional Services (Africa & Middle East) OSIRICOM Holdings (Pty) Ltd. - South Africa Mobile : +27 (0) 82 6553599 http://www.osiricom.co.za Tel : +27 11 802 7415 Fax : +27 11 802 5853 --------------004E72D227BA5C12EBF9158E Content-Type: text/x-vcard; charset=us-ascii; name="wimo.vcf" Content-Transfer-Encoding: 7bit Content-Description: Card for Wim Olivier Content-Disposition: attachment; filename="wimo.vcf" begin:vcard n:Olivier;Wim tel;cell:+27 (0) 82 655 3599 tel;fax:+27 (0) 11 802 5853 tel;work:+27 (0) 11 802 7415 x-mozilla-html:TRUE url:http://www.osiricom.co.za org:Osiricom Holdings (Pty) Ltd.;Professional Services Division version:2.1 email;internet:wimo@osiricom.co.za title:Principal Consultant adr;quoted-printable:;;16 Ashwood Place=0D=0AMomentum Office Park=0D=0AWoodmead;Johannesburg;Gauteng;;South Africa note;quoted-printable:Osiricom's Professional Services Division is the de facto source=0D=0Afor Professional Services in Africa & the Middle East region.=0D=0A=0D=0AOperating Systems Specilization:=0D=0A=0D=0A * UNIX (all)=0D=0A * IBM AS/400 (including specialized printing solutions)=0D=0A * NT / Win2000=0D=0A * Tarantella & Citrix Server Based (Thin Client) Computing=0D=0A=0D=0AFor more information please e-mail info@osiricom.co.za fn:Wim Olivier end:vcard --------------004E72D227BA5C12EBF9158E-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message