Date:      Fri, 13 Apr 2001 22:21:23 -0500
From:      "Ryan VanMiddlesworth" <ryanvm@ci.richmond.in.us>
To:        "Mark Woodson" <mwoodson@wloq.com>
Cc:        <freebsd-questions@freebsd.org>
Subject:   Re: IPNAT not working with SOME websites
Message-ID:  <000001c0c675$cd1eb970$0401010a@RYANVM5300>
References:  <5.0.2.1.0.20010413110616.02356ec0@192.168.100.3>


----- Original Message -----
From: "Mark Woodson" <mwoodson@wloq.com>
To: "Ryan VanMiddlesworth" <ryanvm@ci.richmond.in.us>
Cc: <freebsd-questions@freebsd.org>
Sent: Friday, April 13, 2001 10:10 AM
Subject: Re: IPNAT not working with SOME websites


> At 10:59 AM 4/11/2001 -0500, Ryan VanMiddlesworth wrote:
> >I have a dedicated Internet connection to a particular box running FreeBSD
> >4.2-STABLE that serves as a gateway.  The box has two NICs - one to the
> >Internet (208.196.36.248) and the other to my internal network
> >(10.1.0.0/16).  I have set up ipfilter and am using ipnat to masquerade the
> >10.1.0.0 addresses as the 208.196.36.248.
>
> [snipped]
>
> >Here are my ipnat rules:
> >   map ed0 10.1.0.0/16 -> 208.196.36.248/32 proxy port ftp ftp/tcp
> >   map ed0 10.1.0.0/16 -> 208.196.36.248/32 portmap tcp/udp 10000:40000
> >   map ed0 10.1.0.0/16 -> 208.196.36.248/32
> >
> >So, what am I doing wrong?  I've set up masquerading on Linux a million times
> >(using ipchains) and I've never had any problems like this.  I am fairly
> >certain it must be something I'm doing, just because it's such an easily
> >reproducible problem that I can't believe no one has ever seen (and fixed)
> >it.
>
> Are you sure it's not your filter rules?  That sounds much more like you've
> got something confused with your filter.  Have you tried commenting out
> everything and just putting "pass in all" and "pass out all" to see if that
> fixes it?  If it does then just add the rules back in one at a time until
> you find out which one it is that's breaking it.  Your NAT rules don't look
> like there's an error in them to me.

No, I've set ipf's rules to pass everything and that doesn't help at all.
I've really trimmed the configuration down to the bare minimum to simplify
things and it still doesn't work properly.

Ryan


