trouble getting Jail with IPFW+NAT to work
Rick van der Zwet
info at rickvanderzwet.nl
Sat Jul 31 18:18:26 UTC 2010
On 31 July 2010 18:45, Alexander Petrovsky <askjuise at gmail.com> wrote:
> This is too stupid rule:
> ${fwcmd} add nat 200 all from 10.0.0.0/24 to any via re0
> ${fwcmd} nat 200 config if re0
> Try like someting like this:
> ${fwcmd} add nat 1 all from 10.0.0.0/24 to any out recv lo1 xmit re0
> ${fwcmd} add nat 1 all from any to 78.46.85.230 in recv re0
> ${fwcmd} nat 1 config if re0
That's not working, no NAT get 'applied'.
18:15:44.223649 IP 10.0.0.2 > 8.8.8.8: ICMP echo request, id 19034,
seq 0, length 64
18:15:45.228834 IP 10.0.0.2 > 8.8.8.8: ICMP echo request, id 19034,
seq 1, length 64
18:15:46.234813 IP 10.0.0.2 > 8.8.8.8: ICMP echo request, id 19034,
seq 2, length 64
18:15:47.240807 IP 10.0.0.2 > 8.8.8.8: ICMP echo request, id 19034,
seq 3, length 64
> or this:
> ${fwcmd} add nat 1 all from 10.0.0.0/24 to any out via re0
> ${fwcmd} add nat 1 all from any to 78.46.85.230 in via re0
> ${fwcmd} nat 1 config if re0
Cool works like a charm.
Thanks!
/Rick
--
http://rickvanderzwet.nl
More information about the freebsd-jail
mailing list