Date:      Wed, 19 Mar 2008 13:56:00 -0700
From:      Christopher Cowart <ccowart@rescomp.berkeley.edu>
To:        Robert Huff <roberthuff@rcn.com>
Cc:        questions@freebsd.org
Subject:   Re: (more) confusion configuring NAT
Message-ID:  <20080319205600.GJ39509@hal.rescomp.berkeley.edu>
In-Reply-To: <18401.31783.343088.197533@jerusalem.litteratus.org>
References:  <18401.29043.824662.173177@jerusalem.litteratus.org> <18401.30778.630307.932644@jerusalem.litteratus.org> <18401.31783.343088.197533@jerusalem.litteratus.org>


Robert Huff wrote:
>
> 	1) when I add the nat instance, it assigns it rule # 65100.  Is
> this a problem?  Is there a way to assign my own rule #?  (ipfw
> seems not to like two "add"s in the same line.)
>
> 	2) NAT still doesn't work.  Still connected, but can't surf to
> www.google.com using Firefox.

My kernel conf:
| options IPFIREWALL
| options IPFIREWALL_VERBOSE
| options IPFIREWALL_VERBOSE_LIMIT=100
| options IPFIREWALL_FORWARD
| options IPFIREWALL_NAT
| options LIBALIAS

My (abbreviated) ipfw.rules script:
| /sbin/ipfw -q nat 1 config if vlan98 log reset unreg_only same_ports
| $CMD allow all from any to any via lo0
| $CMD nat 1 ip4 from any to any
| $CMD allow icmp from any to any
| $CMD deny log ip from any to me
| $CMD allow ip4 from any to any

-- 
Chris Cowart
Network Technical Lead
Network & Infrastructure Services, RSSP-IT
UC Berkeley



