Date: Fri, 30 Apr 2010 19:23:13 +0300 From: Dmitriy Demidov <dima_bsd@inbox.lv> To: freebsd-ipfw@freebsd.org Cc: Robert Huff <roberthuff@rcn.com> Subject: Re: help wanted with NAT under ipfw Message-ID: <201004301923.13306.dima_bsd@inbox.lv> In-Reply-To: <19418.39843.266203.180601@jerusalem.litteratus.org> References: <19418.39843.266203.180601@jerusalem.litteratus.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Friday 30 April 2010, Robert Huff wrote: > I have been trying to get NAT working under ipfw on: > > FreeBSD 9.0-CURRENT #0: Fri Apr 23 11:34:17 EDT 2010 amd64 > > and failing. > The ipfw part works fine. I'm using: > > ipfw_load="YES" > ipfw_nat_load="YES" # in-kernel ipfw nat > libalias_load="YES" # for in-kernel ipfw nat > > my ipfw rules are appended. > However, the moment I do this: > > ipfw add 5000 nat 15 all from any to any > ipfw nat 15 config log same_ports if em0 > > the machine is cut off from the outside world. Removing that > rule makes things right again. (Obviously checking whether NAT is > happening is useless.) > I've read the man page; I've read the Handbook. Neither are > helpful. > What am I doing wrong? > > Respectfully, > > > Robert Huff Hi, This could happen because of old annoying bug (or "feature"?) that seats somethere in the middle of libalias and em driver: http://www.freebsd.org/cgi/query-pr.cgi?pr=143939&cat=kern Try to turn off RXCSUM,TXCSUM on em interface: ifconfig em0 -rxcsum -txcsum -tso Good luck.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201004301923.13306.dima_bsd>