From owner-freebsd-questions  Tue Feb 22 23:14:24 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from mx2.x-treme.gr (mx2.x-treme.gr [212.120.192.15])
	by hub.freebsd.org (Postfix) with ESMTP id E148937B7B3
	for <freebsd-questions@FreeBSD.ORG>; Tue, 22 Feb 2000 23:14:13 -0800 (PST)
	(envelope-from keramida@ceid.upatras.gr)
Received: from hades.hell.gr (pat58.x-treme.gr [212.120.197.250])
	by mx2.x-treme.gr (8.9.3/8.9.3/IPNG-ADV-ANTISPAM-0.1) with ESMTP id JAA27559;
	Wed, 23 Feb 2000 09:13:51 +0200
Received: (from charon@localhost)
	by hades.hell.gr (8.9.3/8.9.3) id IAA00725;
	Wed, 23 Feb 2000 08:40:51 +0200 (EET)
	(envelope-from keramida@ceid.upatras.gr)
Date: Wed, 23 Feb 2000 08:40:50 +0200
From: Giorgos Keramidas <keramida@ceid.upatras.gr>
To: Sabre <sabre@sabresdomain.com>
Cc: FreeBSD Question List <freebsd-questions@FreeBSD.ORG>
Subject: Re: Quick IPFW rule help...
Message-ID: <20000223084050.A683@hades.hell.gr>
Reply-To: keramida@ceid.upatras.gr
References: <20000218153825.A6630@hades.hell.gr> <Pine.BSF.4.21.0002212215050.3274-100000@sabre1.sabresdomain.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0i
In-Reply-To: <Pine.BSF.4.21.0002212215050.3274-100000@sabre1.sabresdomain.com>; from sabre@sabresdomain.com on Mon, Feb 21, 2000 at 10:18:22PM +0000
X-PGP-Fingerprint: 62 45 D1 C9 26 F9 95 06  D6 21 2A C8 8C 16 C0 8E
X-Phone-Number: +30-94-6203692, +30-93-2886457
X-Address: Theodorou Kirinaiou 61, 26334 Patra, Greece
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Mon, Feb 21, 2000 at 10:18:22PM +0000, Sabre wrote:
> Still didn't help :/  This is really fustrating!  Here are the rules that
> I am using for this:
> $fwcmd add pass udp from any to any 17590-17599 in recv ${oif}
> $fwcmd add pass udp from any 17590-17599 to any out xmit ${oif}
> $fwcmd add pass all from any to any out xmit ${oif}
> $fwcmd add pass all from any to any via ${iif}
> $fwcmd add pass tcp from any to any in recv ${oif} established
> 
> where oif=outside interface and iif=inside interface.

You do have forwarding enabled between your interfaces, don't you?

You can see if this is enabled, with

	% sysctlnet.inet.ip.forwarding
	net.inet.ip.forwarding: 0

If this is zero, as in my machine which has one interface only, you can
enable it termporarily with:

	% sysctl -w net.inet.ip.forwarding=1

and, to have it enabled each time you reboot, set in your rc.conf the
following variable:

	gateway_enable=YES

-- 
Giorgos Keramidas, < keramida @ ceid . upatras . gr >
For my public PGP key: finger keramida@diogenis.ceid.upatras.gr
PGP fingerprint, phone and address in the headers of this message.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message