Robert Huff wrote:
>
> 1) when I add the nat instance, it assigns it rule # 65100. Is
> this a problem? Is there a way to assign my own rule #? (ipfw
> seems not to like two "add"s in the same line.)
>
> 2) NAT still doesn't work. Still connected, but can't surf to
> www.google.com using Firefox.

My kernel conf:

| options IPFIREWALL
| options IPFIREWALL_VERBOSE
| options IPFIREWALL_VERBOSE_LIMIT=100
| options IPFIREWALL_FORWARD
| options IPFIREWALL_NAT
| options LIBALIAS

My (abbreviated) ipfw.rules script:

| /sbin/ipfw -q nat 1 config if vlan98 log reset unreg_only same_ports
| $CMD allow all from any to any via lo0
| $CMD nat 1 ip4 from any to any
| $CMD allow icmp from any to any
| $CMD deny log ip from any to me
| $CMD allow ip4 from any to any

--
Chris Cowart
Network Technical Lead
Network & Infrastructure Services, RSSP-IT
UC Berkeley