[EMAIL PROTECTED] (Björn Lindström) wrote:
> I'm having some trouble getting NAT working on the Internet gateway of my
> home LAN.
>
> Here's my setup:
>
> I have compiled a kernel with the following options added:
>
> options IPFIREWALL
> options IPFIREWALL_VERBOSE
> options IPFIREWALL_VERBOSE_LIMIT=10
> options IPDIVERT
>
> I have these relevant settings in my rc.conf:
>
> gateway_enable="YES"
> firewall_enable="YES"
> firewall_type="OPEN"
> natd_enable="YES"
> natd_interface="tun0"
> natd_flags="-f /etc/natd.conf"
>
> (Where tun0 is the interface of my ADSL connection.)

Is tun0 the real interface?

> My natd.conf only contains this line:
>
> redirect_port tcp 192.168.0.2:15000 15000
>
> Now, when I reboot, ipfw show shows this:
>
> 00050 0 0 divert 8668 ip from any to any via tun0
> 00100 182 15680 allow ip from any to any via lo0
> 00200 0 0 deny ip from any to 127.0.0.0/8
> 00300 0 0 deny ip from 127.0.0.0/8 to any
> 65000 11015 3073646 allow ip from any to any
> 65535 4 236 deny ip from any to any
>
> Here are the problems:
>
> * ps ax|grep natd shows that natd is not running.

What happens if you start it manually? Are there any entries in /var/log/messages to tell you why it didn't start automatically? Looking at the output at system startup, there should be some indication of why natd didn't start.

> * While I still can get to the gateway from the inside, connections to
> the Net don't work, until I 'ipfw delete 00050'.

Are you saying that your internal machines _can_ get to the net when you delete that rule? If so, then you don't need nat, and you need to reconsider your configuration.

-- 
Bill Moran
Potential Technologies
http://www.potentialtech.com
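
The state reported in this thread (a divert rule loaded while natd is not running) can be checked mechanically; per ipfw(8), packets diverted to a port with no socket bound are dropped. The script below is an added example, not part of the original messages: `check_divert` is a hypothetical helper name, the rule listing is the one quoted above, and the `ps ax` output is constructed.

```sh
#!/bin/sh
# Added example (not from the thread): report ipfw divert rules that have
# no natd process behind them. Process presence is the only thing checked;
# which port natd actually bound is not verified.

# check_divert RULES PSOUT   (hypothetical helper name)
#   RULES  text of `ipfw show` or `ipfw list`
#   PSOUT  text of `ps ax`
# Prints one line per orphaned divert rule; returns 1 if any were found.
check_divert() {
    # Column 5 of `ps ax` is the command; this skips "grep natd" itself.
    if printf '%s\n' "$2" |
        awk '$5 == "natd" || $5 ~ /\/natd$/ { ok = 1 } END { exit !ok }'
    then
        return 0
    fi
    # The port follows the "divert" keyword, with or without counters.
    printf '%s\n' "$1" | awk '
        { for (i = 2; i < NF; i++)
            if ($i == "divert") {
                printf "rule %s diverts to port %s but natd is not running\n", $1, $(i + 1)
                bad = 1
                break
            }
        }
        END { exit bad + 0 }'
}

# Rule listing as quoted in the thread.
SAMPLE_RULES='00050 0 0 divert 8668 ip from any to any via tun0
00100 182 15680 allow ip from any to any via lo0
00200 0 0 deny ip from any to 127.0.0.0/8
00300 0 0 deny ip from 127.0.0.0/8 to any
65000 11015 3073646 allow ip from any to any
65535 4 236 deny ip from any to any'

# Constructed `ps ax` output with no natd process.
SAMPLE_PS='  PID  TT  STAT      TIME COMMAND
  312  ??  Ss     0:00.12 /usr/sbin/syslogd -s
  871  p0  S+     0:00.00 grep natd'

check_divert "$SAMPLE_RULES" "$SAMPLE_PS" || true
```

On a live gateway, call it as `check_divert "$(ipfw list)" "$(ps ax)"`.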