ipfw3 nat help

James Hobson James.Hobson at jotron.com
Tue Jun 15 00:06:46 PDT 2021


Hello!

I'm trying to test out the ipfw3 nat module and I can't seem to get anything to work! The example on the mailing list seems to be out of date (the nat command takes an IP now, not an interface).

The setup is this:
External nic: em0. IP: 192.168.0.178/24
Internal nic: igb0. IP: 172.23.0.1/24
Computer attached to internal nic: 172.23.0.2/24

All IPs are static.

My script is as follows:
---------------------------------------------------------
#!/bin/sh


INT="igb0"
EXT="em0"


if test -z "$(kldstat | grep ipfw3_nat.ko)"; then
kldload ipfw3_layer4
fi

if test -z "$(kldstat | grep ipfw3_layer4.ko)"; then
kldload ipfw3_layer4
fi

ipfw3 flush

ipfw3 add allow all via $INT

ipfw3 nat 1 config ip 192.168.0.178
ipfw3 add nat 1 all via $EXT
ipfw3 nat 1 show state

ipfw3 add deny all
---------------------------------------------------------

My rc.conf contains:
---------------------------------------------------------
ifconfig_em0="inet 192.168.0.178/24"
ifconfig_igb0="inet 172.23.0.1/24"
gateway_enable="YES"
--------------------------------------------------------

My sysctl.conf is:
--------------------------------------------------------
net.inet.ip.forwarding=1
net.filters_default_to_accept=1
--------------------------------------------------------

But I cannot ping 8.8.8.8 from the computer attached to the internal nic!
What am I doing wrong?

James