--On Tuesday, October 14, 2003 11:40:57 -0700 DavidB <[EMAIL PROTECTED]> wrote:
Larry Rosenman wrote:
I did post to -questions as well.
If you would post this to freebsd-questions you would probably get better service, since it is most likely a configuration issue.
Yes, I've verified it.
And yes, it is my understanding that IPDIVERT is not needed for IPFILTER and ipnat. anyone?
Wasn't sure about that. Thanks.
the rc.conf gateway_enable option and setting the sysctl forwarding option do the same thing, someone more knowledgeable can answer to that one. Oh, I just checked it sets the forwarding but not fastforwarding. So you need either method you choose, both is redundant.
ping local, ping external-ip, ping name.of.external all work.
You are not very descriptive: can ping? ping [ip.num.for.localhost] or ping [ip.num.for.externalhost] or ping [host.domain.tld]
host www.lerctr.org works (from a non-auth resolver for it).
apparently do name lookups?? are you getting good results from nslookup www.abcnews.com or such?
Didn't seem to get it. I did do a ipnat -l and SAW THE TRANSLATION.
I think there is a top like command line option for ipfilter you can use to see what ipfilter is doing, but I am not sure if it is helpful with ipnat.
I also could telnet to the same destination from directly on the fw/router box, and saw the session. :-(
Will follow-up there.
posting to questions instead, I think is appropriate.
Have a good day,
_______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
-- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 972-414-9812 E-Mail: [EMAIL PROTECTED] US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749
Description: PGP signature