On Mon, 19 Jul 2010, Mamontov Roman wrote:
> > What's the value of sysctl net.inet.ip.fw.one_pass ? It needs to be 0
> > so that packets will re-enter the firewall after NAT processing.
>
> > Otherwise, it might help to
>
> > a) run 'ipfw zero' before any tests .. I'm wondering about all
On Mon, 19 Jul 2010, Mamontov Roman wrote:
> Hello, Ian.
>
> > UDP port 33564 on this box (xxx.xxx.xxx.xxx) is not redirected to any
> > other address:port, and you have specified deny_in (-deny_incoming in
> > natd-speak) so, well, you got what you asked for ..
>
> > See the description
On Thu, 15 Jul 2010, Mamontov Roman wrote:
> Hello, freebsd-ipfw.
>
> I try to use ipfw nat with this rules:
>
> 00035 138 10242 nat 1 log ip from any to any via ext_if1
> 65000 6823 689594 allow ip from any to any
> 65535 170 13629 deny ip from any to any
>
> ipfw nat 1 config ip x
