Date: Fri, 15 Dec 2000 02:33:20 -0500 (EST)
From: Mike Nowlin <mike@argos.org>
To: Lists Account <lists@security.za.net>
Cc: hackers@FreeBSD.ORG
Subject: Re: NOS-TUN / Natd
Message-ID: <Pine.LNX.4.21.0012150229530.8135-100000@jason.argos.org>
In-Reply-To: <Pine.BSF.4.21.0012150747130.94071-100000@security.za.net>
> Just a quick question out of interest's sake, I was setting up nos-tunnels
> yesterday, and I had the tunnel functioning 100% perfectly, however I
> could not get it to NAT the remote side of the tunnel, until I put an ipfw
> divert 8668 ip from any to any via any statement in my firewall config.
> ipfw add 1 divert 8668 ip from any to any in recv tun0

My first thought is to do something like:

    ipfw add 1 allow ip from any to any in via tun0
    ipfw add 2 divert 8668 ip from 1.2.3.4 to any

...where 1.2.3.4 is an IP on the remote end of the tunnel - send a few
packets from 1.2.3.4, then do an "ipfw s" to see if they're hitting that
rule. That should help figure out if it's a problem with the tunnel code,
or a problem with your ipfw rules. (ipfw can bring up some interesting
situations, especially with NAT.)

mike
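The counter check suggested in the reply above, as an added example that is not part of the original message: it reads `ipfw show` output and reports whether the allow rule and the divert rule saw packets. The function names, the verdict strings and the sample output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: read per-rule packet counters from `ipfw show` output.
# Line format: <rule number> <packets> <bytes> <rule text>.

# Constructed sample output, not captured from a real host.
SAMPLE_SHOW='00001     14     1176 allow ip from any to any in via tun0
00002      0        0 divert 8668 ip from 1.2.3.4 to any
65535    312    28840 deny ip from any to any'

# rule_packets RULENUM: print the packet count for that rule number
# (summed if several rules share the number); status 1 if it is absent.
rule_packets() {
    awk -v want="$1" '
        $1 ~ /^[0-9]+$/ && ($1 + 0) == (want + 0) { sum += $2; found = 1 }
        END { if (!found) exit 1; print sum + 0 }
    '
}

# diagnose ALLOW_RULE DIVERT_RULE: classify the counters (hypothetical helper).
# Assumed reading of the advice in the message:
#   divert-hit  : test packets reach the divert rule
#   tunnel-only : packets arrive on the tunnel but never match the divert
#                 rule, so look at the ipfw rules
#   no-traffic  : nothing arrives on the tunnel, so look at the tunnel itself
diagnose() {
    show=$(cat)
    allow=$(printf '%s\n' "$show" | rule_packets "$1") || { echo "rule-missing"; return 2; }
    divert=$(printf '%s\n' "$show" | rule_packets "$2") || { echo "rule-missing"; return 2; }
    if [ "$divert" -gt 0 ]; then
        echo "divert-hit"
    elif [ "$allow" -gt 0 ]; then
        echo "tunnel-only"
    else
        echo "no-traffic"
    fi
}

# On a live host: ipfw show | diagnose 1 2
printf '%s\n' "$SAMPLE_SHOW" | diagnose 1 2
```

Zero the counters before sending the test packets so that earlier traffic does not skew the verdict.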