confusion with natd

Juhani Tali juhani at kernel.ee
Fri Oct 1 00:38:46 PDT 2004


Mikhail P. wrote:
> On Friday 01 October 2004 06:51, Juhani Tali wrote:
> 
> Did not quite understand what you meant here.

----
ended up running natd on tun0 of HOST_B as:
natd -interface rl1
natd -port 8568 -interface tun0
----
I should have read it as HOST_A, because HOST_B does not have an rl1, 
only rl0.

----
ipfw add 4 divert 8568 ip from 192.168.0.3 to any out xmit tun0
ipfw add 6 divert 8568 ip from any to any in recv tun0
----

Replace these with:
ipfw add 4 divert 8568 ip from 192.168.0.3 to any
Prior to this rule the packet was not destined to go out through tun0
but rl1, so the (xmit tun0) condition does not match.

ipfw add 6 divert 8568 ip from any to any in recv tun0
or perhaps
ipfw add 6 divert 8568 ip from any to 192.168.10.1

> I can translate 192.168.0.0/24 
> into tunnel, but as my original message states, only packets to HOST_A fall 
> into that route, any other packets (even ipfw has "ip from 192.168.0.3 to 
> any") travel out regular way (not via tun0). That's the most confusing part 
> ("any" != "any"), and I'm stuck there.

Hope this works.

Juhani Tali
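
Added example, not part of the original post: a small Python model of the match condition discussed above, showing why rule 4 with "out xmit tun0" only fires for destinations that routing already sends through tun0. The routing table, the destination 203.0.113.10 and all class and function names are constructed assumptions; the model covers only source, destination, direction and interface matching, not ipfw's full rule grammar.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Constructed routing table for the host running natd (an assumption):
# only the tunnel network is routed via tun0, the default route is rl1.
ROUTES = {
    ipaddress.ip_network("192.168.10.0/24"): "tun0",
    ipaddress.ip_network("192.168.0.0/24"): "rl0",
    ipaddress.ip_network("0.0.0.0/0"): "rl1",
}

def route(dst: str) -> str:
    """Longest-prefix match: the interface the kernel picks for dst."""
    addr = ipaddress.ip_address(dst)
    best = max((n for n in ROUTES if addr in n), key=lambda n: n.prefixlen)
    return ROUTES[best]

@dataclass
class Rule:
    src: str                         # "any" or a host address
    dst: str                         # "any" or a host address
    direction: Optional[str] = None  # "in", "out", or None for both passes
    iface: Optional[str] = None      # interface named by recv/xmit, if any

    def matches(self, src: str, dst: str, direction: str, iface: str) -> bool:
        return (self.src in ("any", src) and self.dst in ("any", dst)
                and self.direction in (None, direction)
                and self.iface in (None, iface))

def matches_outbound(rule: Rule, src: str, dst: str) -> bool:
    """Routing has already chosen the transmit interface when the
    outbound pass evaluates the rule, so xmit is compared against it."""
    return rule.matches(src, dst, "out", route(dst))

# Rule 4 as first posted, and as suggested in the reply.
ORIGINAL_4 = Rule("192.168.0.3", "any", "out", "tun0")
REPLACED_4 = Rule("192.168.0.3", "any")

if __name__ == "__main__":
    # 203.0.113.10 is a constructed Internet destination.
    for dst in ("192.168.10.1", "203.0.113.10"):
        print(dst, "via", route(dst),
              "| original:", matches_outbound(ORIGINAL_4, "192.168.0.3", dst),
              "| replaced:", matches_outbound(REPLACED_4, "192.168.0.3", dst))
```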

