From: bkhl@elektrubadur.se (Björn Lindström)
To: freebsd-questions@freebsd.org
Date: Sun, 18 Jul 2004 20:58:35 +0200
Subject: Re: NAT trouble

Bill Moran writes:

>> (Where tun0 is the interface of my ADSL connection.)
>
> Is tun0 the real interface?

No, the actual card is rl0:

    rl0: flags=8843 mtu 1500
            inet6 fe80::2e0:4cff:feb0:5d5b%rl0 prefixlen 64 scopeid 0x1
            ether 00:e0:4c:b0:5d:5b
            media: Ethernet autoselect (100baseTX )
            status: active
    ppp0: flags=8010 mtu 1500
    tun0: flags=8051 mtu 1492
            inet 81.228.156.82 --> 81.228.156.1 netmask 0xffffffff
            Opened by PID 53

Is it the actual NIC that should be put in $nat_interface?

> What happens if you start it manually? Are there any entries in
> /var/log/messages to tell you why it didn't start automatically?
> Looking at the output at system startup, there should be some
> indication of why natd didn't start.

Nope. There's nothing helpful there that I can see. Only this seems
related:

    Jul 18 17:13:36 calliope /kernel: IP packet filtering initialized, \
      divert enabled, rule-based forwarding enabled, default to deny, \
      logging limited to 10 packets/entry by default

...and that seems right.

> Are you saying that your internal machines _can_ get to the net when
> you delete that rule? If so, then you don't need nat, and you need to
> reconsider your configuration.

I need NAT, because I need machines inside the LAN to serve certain
ports. (15000, as you can see from the line from natd.conf.)