Date: Mon, 20 Aug 2001 13:47:09 +0100 From: Chris Hastie <lists@oak-wood.co.uk> To: freebsd-questions@freebsd.org Subject: Re: Port redirection with natd Message-ID: <Akojd6HNbQg7Ew39@chris.oak-wood.co.uk> In-Reply-To: <20010819082640.D17720-100000@p6m7g8.student.umd.edu> References: <Zr%2BV%2B$FUjPg7EwEX@chris.oak-wood.co.uk> <20010819082640.D17720-100000@p6m7g8.student.umd.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 19 Aug 2001, Philip M. Gollucci <philip@p6m7g8.com> wrote >You need >gateway_enable="YES" in your rc.conf Forgot to mention that this is in rc.conf >if you dont' want to restart to try this use : >sysctl -w net.inet.ip.forwarding=1 > >which does the same thing. > >Until you get it working, I would use more the following firewall rules > ><from man natd> > /sbin/ipfw -f flush > /sbin/ipfw add divert natd all from any to any via xl0 > /sbin/ipfw add pass all from any to any AFAICS this has a similar effect to the open setting I'm using. Following boot up I get: # ipfw show 00050 264 43573 divert 8668 ip from any to any via xl0 00100 184 7708 allow ip from any to any via lo0 00200 0 0 deny ip from any to 127.0.0.0/8 00300 0 0 deny ip from 127.0.0.0/8 to any 65000 43715 33722417 allow ip from any to any 65535 3 984 deny ip from any to any if I then try # ipfw add 10 divert natd all from and to any via xl0 I get 00010 248 41477 divert 8668 ip from any to any via xl0 00050 264 43573 divert 8668 ip from any to any via xl0 00100 184 7708 allow ip from any to any via lo0 00200 0 0 deny ip from any to 127.0.0.0/8 00300 0 0 deny ip from 127.0.0.0/8 to any 65000 43715 33722417 allow ip from any to any 65535 3 984 deny ip from any to any my new rule 10 has ended up exactly the same as that at 50. -- Chris Hastie http://www.oak-wood.co.uk/chris/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Akojd6HNbQg7Ew39>