From owner-freebsd-ipfw  Tue Jul 30  5:57:13 2002
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5348E37B408
	for <freebsd-ipfw@FreeBSD.ORG>; Tue, 30 Jul 2002 05:57:04 -0700 (PDT)
Received: from mail.wsf.at (MAIL.WSF.AT [212.16.37.103])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 3641743E42
	for <freebsd-ipfw@FreeBSD.ORG>; Tue, 30 Jul 2002 05:57:03 -0700 (PDT)
	(envelope-from net@wsf.at)
Received: (from root@localhost)
	by mail.wsf.at (8.11.6/8.9.3) id g6UCuxP08757
	for freebsd-ipfw@FreeBSD.ORG.KAV; Tue, 30 Jul 2002 14:56:59 +0200 (CEST)
	(envelope-from net@wsf.at)
Received: from wsf.at (localhost [127.0.0.1])
	by www.wsf.at (8.11.6/8.9.3) with SMTP id g6UCuwY08741;
	Tue, 30 Jul 2002 14:56:58 +0200 (CEST)
	(envelope-from net@wsf.at)
Message-Id: <200207301256.g6UCuwY08741@www.wsf.at>
Date: Tue, 30 Jul 2002 12:56:58 -0000
To: <philip.reynolds@rfc-networks.ie>, <freebsd-ipfw@FreeBSD.ORG>
Subject: Re: 4.6-RELEASE / NATD + IPFW + keep-state
From: <net@wsf.at>
X-Mailer: TWIG 2.6.2
In-Reply-To: <20020730133246.A18016@rfc-networks.ie>
Sender: owner-freebsd-ipfw@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-ipfw.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-ipfw>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-ipfw>
X-Loop: FreeBSD.ORG

Philip Reynolds <philip.reynolds@rfc-networks.ie> schrieb:

> "Crist J. Clark" <crist.clark@attbi.com> 19 lines of wisdom included:
> > On Mon, Jul 29, 2002 at 02:47:58PM +0000, Philip Reynolds wrote:
> > > Hi,
> > > 
> > > I'm having a few problems with using natd and ipfw.
> > > 
> > > Originally, I was having serious serious problems trying to get
> > > stateful firewalling working with NAT. 
> > 
> > This is a FAQ,
> > 
> >   http://docs.freebsd.org/cgi/getmsg.cgi?
fetch=13412+0+archive/2002/freebsd-net/20020217.freebsd-net
> 
> using ``via'' helped along the way and the setup is currently
> working.
> 
> What was needed was a specification of the public interface _only_
> for the ``NATD'' rule in conjunction with a specification of the
> private interface _only_ for the ``keep-state'' rule. 
> 
> Unfortunately tweaking my rules before, I must have missed this
> combination, although I'm not sure how.
> 
> Thanks for to Crist and Boris for their help.
> 

Hi Philip,

Could you send your working ruleset to the list ?
It would help others in the future...

Thomas Wolf









To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ipfw" in the body of the message