First off, JUST DON'T POST if you don't know how to make a post properly.
The subject title is the most important part of your post; that's what everyone
sees before your message is read. That said, a stupid subject title such as
"Banging my head against a wall trying to figure this out" will normally be
sent to "Trash" automatically by most of us.
Just so you know, the subject title MUST not contain any personal
opinion/feeling/expression. Instead, it should be something short, simple
and descriptive of the main point (i.e. LAN to net ok, ipf box itself no).

> I know it's something stupid. My Solaris box is a router/NAT box for my
> home LAN. 3 NICs.
> le0 = internet
> le1 = lan
> le2 = WAP Gateway
> All the people can get out from the LAN to the network.

Perhaps your ipnat rules allow them to, regardless of the missing explicit
corresponding pass out rules.

> But the problem I'm having is, the Solaris box itself cannot get to the
> internet.

You have no pass out rules at all. The ipf box itself needs this, whereas
ipnat implicitly adds some pass out rules without your knowledge.

> I'm assuming it's the block out on le0 all (my internet connection).
> But I tried changing it to a pass, but it still did not work.

Without the 'quick' keyword, a later rule or the final rule wins. That's why
changing it to 'pass' has no effect in your case.
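
The rule-evaluation behaviour described in the reply above, as an added example that is not part of the original thread: a simplified Python model of ipf's last-match-wins evaluation and the effect of `quick`. The rulesets are constructed for illustration (the poster's actual ipf.conf is not shown), and the model assumes a default of pass and handles only `all` rules with an optional `on IFACE`.

```python
# Simplified model of IP Filter (ipf) rule evaluation; added for illustration.
# Supported rule shape only: (block|pass) (in|out) [quick] [on IFACE] all
from typing import NamedTuple, Optional

class Rule(NamedTuple):
    action: str
    direction: str
    quick: bool
    iface: Optional[str]

def parse(line: str) -> Rule:
    tok = line.split()
    if len(tok) < 3 or tok[0] not in ("block", "pass") or tok[1] not in ("in", "out"):
        raise ValueError(f"unsupported rule: {line!r}")
    rest = tok[2:]
    quick = rest[0] == "quick"
    if quick:
        rest = rest[1:]
    iface = None
    if rest[:1] == ["on"] and len(rest) >= 2:
        iface, rest = rest[1], rest[2:]
    if rest != ["all"]:
        raise ValueError(f"unsupported rule: {line!r}")
    return Rule(tok[0], tok[1], quick, iface)

def decide(ruleset, direction, iface, default="pass"):
    """Return the verdict for a packet crossing iface in the given direction."""
    verdict = default            # assumption: no matching rule means pass
    for line in ruleset:
        rule = parse(line)
        if rule.direction != direction or rule.iface not in (None, iface):
            continue
        verdict = rule.action    # every later match overrides earlier ones...
        if rule.quick:           # ...unless the matching rule is 'quick'
            break
    return verdict

# Constructed rulesets: a pass that a later block overrides, then the same
# pass made decisive with 'quick'.
EDITED = ["pass out on le0 all", "block out all"]
FIXED = ["pass out quick on le0 all", "block out all"]

if __name__ == "__main__":
    for name, rules in (("EDITED", EDITED), ("FIXED", FIXED)):
        print(name, "out on le0 ->", decide(rules, "out", "le0"))
```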