ipfw nat befuddlement

Randy Bush randy at psg.com
Mon Oct 8 15:48:51 PDT 2007


> is your ruleset/config ok? can you post it?

appended, with one ip address obscured

> try to substitute the "nat 42 ip4 from any to any via vr0" rule with a 
> divert rule, and config & start natd: does this config work as expected?

i hope to try this later today

randy

--

# ipfw list
00100 deny log logamount 100 ip from any to any ipoptions ssrr,lsrr,rr
00200 allow ip from any to any via lo0
00300 deny log logamount 100 ip from 127.0.0.0/8 to any
00400 deny log logamount 100 ip from any to 127.0.0.0/8
00500 allow tcp from 147.42.0.666 to any dst-port 25
00600 allow tcp from any to 147.42.0.666 dst-port 25
00700 allow tcp from me to any dst-port 25
00800 allow tcp from any to me dst-port 25
00900 deny log logamount 100 tcp from any to any dst-port 25
01000 deny ip from any to me dst-port 113
01100 nat 42 ip4 from any to any via vr0
01200 allow ip from any to any
65535 deny ip from any to any


More information about the freebsd-net mailing list