(more) confusion configuring NAT
Christopher Cowart
ccowart at rescomp.berkeley.edu
Wed Mar 19 21:06:57 PDT 2008
Robert Huff wrote:
> Christopher Cowart writes:
>> Do you have gateway_enable="YES" in your /etc/rc.conf?
>
> huff@>> grep gate /etc/rc.conf
> gateway_enable="YES"
>
>> $ sysctl -a net.inet.ip.forwarding
>> net.inet.ip.forwarding: 1
>
> huff@>> sysctl -a net.inet.ip.forwarding
> net.inet.ip.forwarding: 1
>
>
>> Is the interface mentioned in the nat config the interface with the
>> public IP?
>
> em0 connects to the cable modem.
>
>> Try putting `$CMD count log ip from any to any' rules to see if traffic
>> is matching where you expect it to;
>
> Where do I find the results of this
Typically /var/log/security. Assuming you have IPFIREWALL_VERBOSE in
your kernel config.
--
Chris Cowart
Network Technical Lead
Network & Infrastructure Services, RSSP-IT
UC Berkeley
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 825 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20080320/b0a88e8d/attachment.pgp
More information about the freebsd-questions
mailing list