From owner-freebsd-pf@FreeBSD.ORG  Thu Sep 16 03:39:38 2004
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
Delivered-To: freebsd-pf@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 674)
	id 57BE516A4CF; Thu, 16 Sep 2004 03:39:38 +0000 (GMT)
Delivered-To: mlaier@vampire.homelinux.org
Received: (qmail 15593 invoked by uid 1005); 4 Jun 2003 04:46:46 -0000
Delivered-To: max@vampire.homelinux.org
Received: (qmail 15590 invoked from network); 4 Jun 2003 04:46:46 -0000
Received: from moutng.kundenserver.de (212.227.126.184)
  by pd9530f5c.dip.t-dialin.net with SMTP; 4 Jun 2003 04:46:46 -0000
Received: from [212.227.126.211] (helo=mxng15.kundenserver.de)
	by moutng.kundenserver.de with esmtp (Exim 3.35 #1)
	id 19NR6v-0006PY-00
	for max@vampire.homelinux.org; Wed, 04 Jun 2003 07:46:57 +0200
Received: from [206.53.239.180] (helo=turing.freelists.org)
	by mxng15.kundenserver.de with esmtp (Exim 3.35 #1)
	id 19NR6s-0001L1-00
	for max@love2party.net; Wed, 04 Jun 2003 07:46:54 +0200
Received: from turing (localhost [127.0.0.1])ESMTP
	id C13F9390A87; Wed,  4 Jun 2003 00:43:03 -0500 (EST)
Received: with ECARTIS (v1.0.0; list pf4freebsd);
	Wed, 04 Jun 2003 00:43:01 -0500 (EST)
Delivered-To: pf4freebsd@freelists.org
Received: from moutng.kundenserver.de (moutng.kundenserver.de
	[212.227.126.177])ESMTP id 135D8390A5B
	for <pf4freebsd@freelists.org>; Wed,  4 Jun 2003 00:43:01 -0500 (EST)
Received: from [212.227.126.162] (helo=mrelayng.kundenserver.de)
	by moutng.kundenserver.de with esmtp (Exim 3.35 #1)
	id 19NR6o-0001xj-00
	for pf4freebsd@freelists.org; Wed, 04 Jun 2003 07:46:50 +0200
Received: from [217.83.15.92] (helo=max900)
	by mrelayng.kundenserver.de with asmtp (Exim 3.35 #1)
	id 19NR6o-0002SF-00
	for pf4freebsd@freelists.org; Wed, 04 Jun 2003 07:46:50 +0200
Message-ID: <000901c32a5c$b7283810$01000001@max900>
From: "Max Laier" <max@love2party.net>
To: <pf4freebsd@freelists.org>
References: <000701c32a18$6db7a740$050410ac@scum>
MIME-Version: 1.0
Content-type: text/plain;
  charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
X-archive-position: 20
X-ecartis-version: Ecartis v1.0.0
Sender: pf4freebsd-bounce@freelists.org
Errors-To: pf4freebsd-bounce@freelists.org
X-original-sender: max@love2party.net
Precedence: normal
X-list: pf4freebsd
X-UID: 90
X-Length: 3435
X-Mailman-Approved-At: Thu, 16 Sep 2004 03:55:51 +0000
Subject: [pf4freebsd] Re: Version 1.52
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.1
Reply-To: pf4freebsd@freelists.org
List-Id: Technical discussion and general questions about packet filter (pf)
	<freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
Date: Thu, 16 Sep 2004 03:39:38 -0000
X-Original-Date: Wed, 4 Jun 2003 07:46:58 +0200
X-List-Received-Date: Thu, 16 Sep 2004 03:39:38 -0000

I see a little contrast here:

> ===[root] /boot/kernel # pfctl -sa
> scrub in all fragment reassemble
> pass quick on lo0 all
> nat on fxp0 inet from 172.16.4.1 to any -> 172.16.4.11

> ===[root] /usr/local/etc # cat pf.conf
[...]
> nat on $ext_if from 172.16.5.1 to any -> 172.16.4.11

Are your sure that you did load the ruleset you are cat'ing? As you see,
pfctl tells you that it will "nat ... from 172.16.4.1 ..." that is a point
of interest! What is your LAN-Layout (i.e. in what way are 172.16.5.1,
172.16.4.11 and your external gateway connected) ? Is default route and
netmask correct on all boxes involved?

We will get thisone working! So please look at the issue with xxx4.1 vs.
xxx5.1 and maybe paste output of "netstat -rn" and "ifconfig -a" of
172.16.5.1 and 172.16.4.11 as well.

Thank you very much for your feedback, I really hope that we can settle this
problem soon
    Max