From owner-freebsd-stable  Tue Nov 14  3:39:21 2000
Delivered-To: freebsd-stable@freebsd.org
Received: from smtp.wedgev.com (cm57-70.liwest.at [212.33.57.70])
	by hub.freebsd.org (Postfix) with ESMTP id B8CF937B479
	for <freebsd-stable@freebsd.org>; Tue, 14 Nov 2000 03:39:18 -0800 (PST)
Received: from wedge by smtp.wedgev.com with local (Exim 3.16 #1 (FreeBSD))
	id 13veP8-00005j-00; Tue, 14 Nov 2000 12:37:34 +0100
Date: Tue, 14 Nov 2000 12:37:34 +0100
From: Bernhard Valenti <bernhard.valenti@gmx.net>
To: Wim Olivier <wimo@osiricom.co.za>
Cc: FreeBSD-stable <freebsd-stable@freebsd.org>
Subject: Re: natd & ipfw on FreeBSD 4.0-RELEASE issues
Message-ID: <20001114123734.A312@cipher.home.at>
Reply-To: Bernhard Valenti <bernhard.valenti@gmx.net>
References: <3A10EB89.4A7D301D@osiricom.co.za>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <3A10EB89.4A7D301D@osiricom.co.za>; from wimo@osiricom.co.za on Tue, Nov 14, 2000 at 09:36:41AM +0200
X-Operating-System: FreeBSD i386
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

not to be bitching, but i got this mail 3 times...
try tcpdump on the natd box.
looks like natd doesnt rewrite the source address.

regards,
bernhard valenti

On Tue, Nov 14, 2000 at 09:36:41AM +0200, Wim Olivier wrote:
> Hi all,
> 
> I'm running FBSD 4.0-RELEASE with two nics, using natd & ipfw.
> Set is "perfect" and using 'open' firewall type in /etc/rc.conf.
> When I ping through the BSD nat box to my internet router or from the
> BSD box to the router I see the packets arrive at the router (activity
> on the router LAN port), but no packets are being received.
> 
> In other words, it works one-way but not the other way.
> This is my nat config:
> 
> 00100    9    316    divert 8668 ip from any to any via ed2
> 00100    0    0        allow ip from any to any via lo0
> 00200    0    0        deny ip from any to 127.0.0.0/8
> 65000    494    41247    allow ip from any to any
> 65535    0    0        deny ip from any to any
> 
> Any thoughts?
> Thanks.
> 
> 
> --
> Kind Regards,
> 
> Wim Olivier


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message