ipfw nat befuddlement
Paolo Pisati
piso at freebsd.org
Mon Oct 8 01:22:51 PDT 2007
On Mon, Oct 08, 2007 at 11:03:35AM +0400, Andrey V. Elsukov wrote:
> Randy Bush wrote:
>> # grep -n nat /etc/ipfw.rules
>> 33:add nat 123 all from any to any
>> 34:add nat 123 config if vr0
> ^^^^^^^^ - add is not needed here.
ipfw nat crash course:
echo "net.inet.ip.fw.one_pass=0" >> /etc/sysctl.conf
and manually add:
ipfw nat 123 config if $IF log
ipfw add nat 123 ip4 from any to any via $IF
or substisute natd_enable/natd_interface in rc.conf with:
firewall_nat_enable="yes"
firewall_nat_interface="$IF"
Done.
bye,
P.
More information about the freebsd-net
mailing list