ipfw + NAT doesn't work
Ruben de Groot
mail25 at bzerk.org
Fri Sep 18 14:05:49 UTC 2009
On Thu, Sep 17, 2009 at 02:53:12PM -0400, Robert Huff typed:
>
> Ruben de Groot writes:
>
> > > However: using these I still can't get through
> >
> > Through to what? You seem to be able to connect on a local subnet, but
> > not to the internet through NAT, which you say is ok, because you
> > shouldn't ?
> >
> > Please explain exactly what you want to do.
>
> 1) With the firewall enabled, but no NAT-related rules, I can't
> get out.
> This is as expected.
> 2) With the NAT rules added, I should be able to get out, but
> can't.
> Clear?
I think so. What's your outgoing ip? The rules you posted:
>ipfw add 5000 nat 15 all from any to any
>ipfw nat 15 config log same_ports ip 10.0.0.0/8
^^^^^^^^^^
Looks strange to me. Instead of 10.0.0.0/8 I believe you should use
a single IP that you want to translate to (ie your outgoing IP address).
Ruben
More information about the freebsd-questions
mailing list