Re: iptables to ipfw

2004-04-22 Thread Chiang Seng Chang
Thanks, everything is working now.

It turns out that openvpn configures tun0 with too small an MTU, which causes
the "black hole router" effect (I think).  Problems occurred like being able to
net use a samba share but being unable to list files, etc. Once the MTU was
upped, all seems to work now.

-cs


>
> On Tue, 20 Apr 2004, Chiang Seng Chang wrote:
>
> > hi,
> >
> > anyone knows what is the equivalent of these in ipfw ?
> >
> >   iptables -t nat -A POSTROUTING -s 10.1.0.2/32 -o eth0 -j MASQUERADE
> >   iptables -t nat -A POSTROUTING -s 10.50.4.0/22 -o eth0 -j MASQUERADE
> >
> > it's for openvpn using tun0.
> >
> > i have setup natd using:
> >
> >   ipfw add divert natd all from any to any via dc0
> >
> > and it is working.
> >
> > but i would like to be more specific so that i am not nat'ing unnecessary.
> >
> > tried without success:
> >
> >   ipfw add divert natd all from 10.1.0.1/32 to any via dc0
> >   ipfw add divert natd all from 10.50.4.0/22 to any via dc0
> >
> try
> (from natd man page)
>
> -unregistered_only | -u
> Only alter outgoing packets with an unregistered source
> address.  According to RFC 1918, unregistered source
> addresses are 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16.
>
>
> as an extra flag to natd
>
>
> > thanks and regards.
> >
> > -cs

___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: iptables to ipfw

2004-04-21 Thread Vince Hoffman


On Tue, 20 Apr 2004, Chiang Seng Chang wrote:

> hi,
>
> anyone knows what is the equivalent of these in ipfw ?
>
>   iptables -t nat -A POSTROUTING -s 10.1.0.2/32 -o eth0 -j MASQUERADE
>   iptables -t nat -A POSTROUTING -s 10.50.4.0/22 -o eth0 -j MASQUERADE
>
> it's for openvpn using tun0.
>
> i have setup natd using:
>
>   ipfw add divert natd all from any to any via dc0
>
> and it is working.
>
> but i would like to be more specific so that i am not nat'ing unnecessary.
>
> tried without success:
>
>   ipfw add divert natd all from 10.1.0.1/32 to any via dc0
>   ipfw add divert natd all from 10.50.4.0/22 to any via dc0
>
try
(from natd man page)

-unregistered_only | -u
 Only alter outgoing packets with an unregistered source
 address.  According to RFC 1918, unregistered source
 addresses are 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16.


as an extra flag to natd


> thanks and regards.
>
> -cs
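Added example, not part of the thread or of natd's source: a simplified Python model of the -unregistered_only decision quoted from the man page above, applied to the source addresses from the original question. The extra addresses and the 192.168.0.0/15 pool are constructed samples, and the function names are hypothetical.

```python
import ipaddress

# The three ranges the quoted natd man page text lists for -unregistered_only.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_unregistered(addr):
    """True if a single source address falls in one of the RFC 1918 ranges."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

def natd_alters(src, unregistered_only):
    """Simplified model of the decision for an outgoing packet diverted to natd.

    Without -u every outgoing packet is rewritten; with -u only packets
    whose source address is unregistered are rewritten.
    """
    return is_unregistered(src) if unregistered_only else True

def pool_fully_covered(cidr):
    """True only if every address of a VPN pool lies inside one RFC 1918 range.

    A pool that straddles a range boundary would be only partly translated
    under -u, so it is reported as not covered.
    """
    pool = ipaddress.ip_network(cidr)
    return any(pool.subnet_of(net) for net in RFC1918)

if __name__ == "__main__":
    # 10.1.0.2 and the 10.50.4.0/22 pool come from the thread; the rest are constructed.
    for src in ("10.1.0.2", "10.50.4.17", "203.0.113.5", "172.32.0.9"):
        print(f"{src:15} altered with -u: {natd_alters(src, True)}")
    for cidr in ("10.1.0.2/32", "10.50.4.0/22", "192.168.0.0/15"):
        print(f"{cidr:15} fully covered by -u: {pool_fully_covered(cidr)}")
```

Both sources from the iptables rules sit inside 10.0.0.0/8, so the broad divert rule combined with -u leaves traffic with a registered source address untranslated while still covering the VPN clients.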