[Bug 201448] [IPFW] keep-state and in-kernel NAT exposes local ip on external interface

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Tue Jul 14 08:57:53 UTC 2015


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=201448

--- Comment #3 from dlegrand <dleg at free.fr> ---
(In reply to g_amanakis at yahoo.com from comment #2)

I've made the changes you proposed, and there are no more IP packets that are
not NATed. But I don't think there is an error in the handbook for the intended
purpose in the NAT section. If the outbound traffic is aliased before checking
rules in your IPFW rules file, you can't check on the LAN private IP because the
private IP is replaced with your public IP. This is why we are using 'skipto' to
do outbound aliasing after the check on the private IP.

I think there is something wrong with IPFW + NAT, but the handbook seems OK.
