ipfw3
nans_nans1 at yahoo.de
nans_nans1 at yahoo.de
Mon Jun 22 06:08:58 PDT 2015
Sorry, but this dont work.
My external nic is ue0 and my internal nic is em0.
I run 4.3 and a kernel with the following options:
options IPFIREWALL
options IPDIVERT
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPFIREWALL_VERBOSE
What i do:
In /etc/rc.conf: gateway_enable="YES"
Then:
kldload ipfw3_nat
ipfw3 nat 1 config if ue0
ipfw3 add nat 1 tcp via ue0
The result is that NAT don't work.
What is wrong with my configuration? Have i forgotten something?
--------------------------------------------
bycn82 <bycn82 at gmail.com> schrieb am Mo, 22.6.2015:
Betreff: Re: ipfw3
An: nans_nans1 at yahoo.de
CC: "users at dragonflybsd.org" <users at dragonflybsd.org>
Datum: Montag, 22. Juni, 2015 01:47 Uhr
hi,
sorry for
lacking of documentation.
below are
sample steps to use in-kernel NAT with ipfw3.
Step1: make
sure the ipfw3_nat module was loaded
dev03#kldstat | grep
ipfw3_nat 5 1 0xffffffff83242000
3000 ipfw3_nat.ko
if the modules was not loaded,
then below command to load the kernel module
dev03#kldload
ipfw3_nat
Step2: prepare
NAT config
dev03#ipfw3 nat 1 config
if em0ipfw nat
1 config if em0
which
means it will do MASQUERADE using interface
em0.
Step3: NAT the
traffic. NAT is just ip translate. so both
direction should go through the same NAT
config.
dev03#ipfw3
add nat 1 tcp via em0
this means both in and out traffic
on interface em0 will be filtered/ translated by NAT config
id 1.
hope this helps, please try it and
if you have any question, just let me know, and
if you can help to come up with an tutorial by rephrasing
this and append with your experience, that would be very
helpful.
http://www.dragonflybsd.org/docs/ipfw2/
is an wiki, there is a "edit page"
link.
regards,bycn82
On 22 June 2015 at 02:31,
<nans_nans1 at yahoo.de>
wrote:
Can
someone give me detailed/complete instructions how to
realize simple working nat with ipfw3 (including rc.conf and
configuration files).
The informations on these sites turns out to be sadly sparse
for me:
https://www.dragonflybsd.org/docs/ipfw2/
http://www.dragonflybsd.org/docs/ipfw2/modules/
More information about the Users
mailing list