vnet jail and ipfw/nat on host - keep-state problem?

[Peter Toth]

Hi Peter,

Try to make these changes:

net.inet.ip.forwarding=1       # Enable IP forwarding between interfaces
net.link.bridge.pfil_onlyip=0  # Only pass IP packets when pfil is enabled
net.link.bridge.pfil_bridge=0  # Packet filter on the bridge interface
net.link.bridge.pfil_member=0  # Packet filter on the member interface

You can find some info here
http://iocage.readthedocs.org/en/latest/help-no-internet.html

I've had these issues before with PF and IPFW, by default these will be
filtering on your bridge and member interfaces.

Cheers,
Peter