(more) confusion configuring NAT
Robert Huff
roberthuff at rcn.com
Wed Mar 19 14:22:19 PDT 2008
Christopher Cowart writes:
> > 2) NAT still doesn't work. Still connected, but can't surf to
> > www.google.com using Firefox.
>
> My kernel conf:
> | options IPFIREWALL
> | options IPFIREWALL_VERBOSE
> | options IPFIREWALL_VERBOSE_LIMIT=100
> | options IPFIREWALL_FORWARD
> | options IPFIREWALL_NAT
> | options LIBALIAS
I do not have "options IPFIREWALL_FORWARD" (it's commented out)
because the attached comment says:
enable xparent proxy support
Since that machine doesn't do proxy ... is this necessary?
> My (abbreviated) ipfw.rules script:
> | /sbin/ipfw -q nat 1 config if vlan98 log reset unreg_only same_ports
> | $CMD allow all from any to any via lo0
> | $CMD nat 1 ip4 from any to any
> | $CMD allow icmp from any to any
> | $CMD deny log ip from any to me
> | $CMD allow ip4 from any to any
Not an ipfw guru, but don't see anything that contradicts what
I have.
Robert Huff
More information about the freebsd-questions
mailing list