ipnat -CF -f /etc/ipnat.rules

perikillo perikillo at gmail.com
Mon Jan 2 15:11:58 PST 2006 

On 1/2/06, fbsd_user <fbsd_user at a1poweruser.com> wrote:
> I see "tun" in your ipnat rule.
> That means you are using ppp for phone dialup connection.
> Every time you lose your phone connection you get different IP from
> your ISP.
> Use NAT function of PPP and not ipnat and your problem will go away.
>
> -----Original Message-----
> From: owner-freebsd-questions at freebsd.org
> [mailto:owner-freebsd-questions at freebsd.org]On Behalf Of caleb
> Sent: Friday, December 30, 2005 9:16 PM
> To: freebsd-questions at freebsd.org
> Subject: ipnat -CF -f /etc/ipnat.rules
>
>
> Hi everyone,
>             I have just put together a router/firewall using 5.4
> RELEASE
> and IPFILTER. Everything is working fine except I have to manually
> flush
> the NAT table every time the router boots. below is my rc.conf and
> ipnat.rules, I have used rc.conf to start everything at boot;
>
> /* rc.conf */
>
> gateway_enable="YES"
> sshd_enable="YES"
> ifconfig_rl1="inet 10.0.0.1 netmask 255.255.255.0"
> ifconfig_rl0="inet 192.168.0.1 netmask 255.255.255.0"
> hostname="tweak"
> ipfilter_enable="YES"
> ipfilter_rules="/etc/ipf.rules"
> ipmon_enable="YES"
> ipmon_flags="-Ds"
> ipnat_enable="YES"
> ipnat_rules="/etc/ipnat.rules"
> ppp_enable="YES"
> ppp_mode="ddial"
> ppp_nat="NO"
> ppp_profile="netspace"
> ppp_user="root"
>
> /* ipnat.rules */
>
> map tun0 192.168.0.0/24 -> 0/32
>
>
> Is there something I am missing? I do not think it is ipf, as I have
> configured it to allow everything in and out. Could you please CC me
> if
> you decide to help.
>
> Thankyou,
>
> caleb
> --
> There is no spoon
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"

   Well i use PPPoE protocol, i have never try the same ppp program to
handle the NAT thing, them i disable ipnat or what...? I need to
understand this very clear.

   Thanks for your tip.

More information about the freebsd-questions mailing list