natd + ipfw question
Leo Bicknell
bicknell at ufp.org
Tue Dec 23 12:17:15 PST 2003
Well, I found the solution to my problem by random chance (futzing with
other things), and it still doesn't make sense.
Works:
> ipfw add 1000 divert natd ip from any to any via fxp0
Doesn't work:
> ipfw add 1000 divert natd ip from any to any recv fxp0
> ipfw add 1001 divert natd ip from any to any xmit fxp0
Works:
ipfw add 1000 divert natd ip from any to any in recv fxp0
ipfw add 1001 divert natd ip from any to any out xmit fxp0
I must not be clear on what "in" "out" "recv" and "xmit" mean, and
after reading the manual page 3 times I'm now even more confused.
I'd love for someone to explain to me why the middle one doesn't
work (or, why in and out are required).
--
Leo Bicknell - bicknell at ufp.org - CCIE 3440
PGP keys at http://www.ufp.org/~bicknell/
Read TMBG List - tmbg-list-request at tmbg.org, www.tmbg.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20031223/694a1cc3/attachment.bin
More information about the freebsd-hackers
mailing list