trouble getting Jail with IPFW+NAT to work

[Alexander Petrovsky]

This is too stupid rule:

${fwcmd} add nat 200 all from 10.0.0.0/24 to any via re0
${fwcmd} nat 200 config if re0

Try like someting like this:

${fwcmd} add nat 1 all from 10.0.0.0/24 to any out recv lo1 xmit re0
${fwcmd} add nat 1 all from any to 78.46.85.230 in recv re0
${fwcmd} nat 1 config if re0

or this:

${fwcmd} add nat 1 all from 10.0.0.0/24 to any out via re0
${fwcmd} add nat 1 all from any to 78.46.85.230 in via re0
${fwcmd} nat 1 config if re0


2010/7/31 Rick van der Zwet <info at rickvanderzwet.nl>

> On 31 July 2010 16:06, Alexander Petrovsky <askjuise at gmail.com> wrote:
> > Show ifconfig plz!
> > Show netstat -arn!
>
> %ifconfig -a
> re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
>
>  options=389b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_UCAST,WOL_MCAST,WOL_MAGIC>
>        ether 40:61:86:e9:d3:12
>        inet 78.46.85.230 netmask 0xffffffe0 broadcast 78.46.85.255
>        inet6 fe80::4261:86ff:fee9:d312%re0 prefixlen 64 scopeid 0x1
>        inet6 2a01:4f8:120:13a3::2 prefixlen 59
>        inet 78.46.112.168 netmask 0xfffffff0 broadcast 78.46.112.175
>        media: Ethernet autoselect (100baseTX <full-duplex>)
>        status: active
> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
>        options=3<RXCSUM,TXCSUM>
>        inet 127.0.0.1 netmask 0xff000000
>        inet6 ::1 prefixlen 128
>        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
>        inet 127.0.0.2 netmask 0xffffffff
>        inet 127.0.0.3 netmask 0xffffffff
> lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
>        options=3<RXCSUM,TXCSUM>
>        inet 10.0.0.1 netmask 0xffffff00
>        inet 10.0.0.2 netmask 0xffffff00
> %netstat -am
> 257/3328/3585 mbufs in use (current/cache/total)
> 256/2318/2574/25600 mbuf clusters in use (current/cache/total/max)
> 256/1792 mbuf+clusters out of packet secondary zone in use (current/cache)
> 0/263/263/12800 4k (page size) jumbo clusters in use
> (current/cache/total/max)
> 0/0/0/6400 9k jumbo clusters in use (current/cache/total/max)
> 0/0/0/3200 16k jumbo clusters in use (current/cache/total/max)
> 576K/6520K/7096K bytes allocated to network (current/cache/total)
> 0/0/0 requests for mbufs denied (mbufs/clusters/mbuf+clusters)
> 0/0/0 requests for jumbo clusters denied (4k/9k/16k)
> 0/0/0 sfbufs in use (current/peak/max)
> 0 requests for sfbufs denied
> 0 requests for sfbufs delayed
> 139 requests for I/O initiated by sendfile
> 0 calls to protocol drain routines
>
> /Rick
> --
> http://rickvanderzwet.nl
>



-- 
Петровский Александр / Alexander Petrovsky,

ICQ: 350342118
Jabber: juise at jabber.ru
Phone: +7 914 8 820 815