Date: Wed, 19 Mar 2008 17:22:29 -0400 From: Robert Huff <roberthuff@rcn.com> To: Christopher Cowart <ccowart@rescomp.berkeley.edu> Cc: questions@freebsd.org Subject: Re: (more) confusion configuring NAT Message-ID: <18401.33813.132534.954227@jerusalem.litteratus.org> In-Reply-To: <20080319205600.GJ39509@hal.rescomp.berkeley.edu> References: <18401.29043.824662.173177@jerusalem.litteratus.org> <18401.30778.630307.932644@jerusalem.litteratus.org> <18401.31783.343088.197533@jerusalem.litteratus.org> <20080319205600.GJ39509@hal.rescomp.berkeley.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Christopher Cowart writes: > > 2) NAT still doesn't work. Still connected, but can't surf to > > www.google.com using Firefox. > > My kernel conf: > | options IPFIREWALL > | options IPFIREWALL_VERBOSE > | options IPFIREWALL_VERBOSE_LIMIT=100 > | options IPFIREWALL_FORWARD > | options IPFIREWALL_NAT > | options LIBALIAS I do not have "options IPFIREWALL_FORWARD" (it's commented out) because the attached comment says: enable xparent proxy support Since that machine doesn't do proxy ... is this necessary? > My (abbreviated) ipfw.rules script: > | /sbin/ipfw -q nat 1 config if vlan98 log reset unreg_only same_ports > | $CMD allow all from any to any via lo0 > | $CMD nat 1 ip4 from any to any > | $CMD allow icmp from any to any > | $CMD deny log ip from any to me > | $CMD allow ip4 from any to any Not an ipfw guru, but don't see anything that contradicts what I have. Robert Huff
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?18401.33813.132534.954227>