Please help with NAT
Bill Hacker
wbh at conducive.org
Thu Oct 19 15:39:17 PDT 2006
Justin C. Sherrill wrote:
On Thu, October 19, 2006 10:57 am, Eugene wrote:
Sorry for the stupid question, but I can't get NAT working properly on
my machine.
Generally speaking, I cannot reach internet from LAN machines, while
natd is running and packets are being forwarded to the 'external'
interface.
Hmm... I have:
in /etc/rc.conf:
gateway_enable="YES"
firewall_enable="YES"
firewall_type="OPEN"
natd_enable="YES"
natd_interface="dc0"
natd_flags=""
In kernel config:
options IPFIREWALL
options IPDIVERT
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=100
options TCP_DROP_SYNFIN
options "ICMP_BANDLIM"
Change natd_interface, and it should work for you after building the new
kernel. Like others have said here, I plan to switch to pf; I just
haven't done it yet.
Side issue, but does pf [now | yet| always] have a 'dummynet' style tool for
rate-limiting and testing?
Bill
More information about the Users
mailing list