Subject: Re[2]: ipfw2(stateful)+divert; why divert rule is ignored? - msg#00007
List: os.freebsd.devel.ipfw
Thanks to all, now the problem is solved.
Tuesday, March 14, 2006, 1:50:44 AM, Dennis wrote:
> Regular NAT is working properly, but I can't configure NAPT to
> services on server in LAN....
DO> You mean port forwarding?
Yep
> 03800 0 0 divert 6893 log logamount 100 tcp from
> 192.168.0.1 80 to any out via tun0
DO> Possibly traffic has already been translated at this point?
The trick is that I used a 'count' rule to identify the corresponding traffic.
I replaced that 'divert' rule with a 'count' rule: nothing, no traffic on that rule. Then, just to try, I put a 'count' rule 10 rules before the non-working divert rule, and surprisingly the 'count' rule found traffic! I need to say those 10 rules are indifferent to the corresponding traffic.
So I just moved the divert rules to an earlier place in the ruleset and it works.
This weird behavior of ipfw seems to me like ... weird at least :)
> 04700 25 1554 divert 6893 log logamount 100 tcp from any to
> 212.42.xxx.xxx dst-port 80 in via tun0
DO> Why multiple diverts?
Because I have several services in LAN to offer www users
> 05000 150 6816 allow log logamount 100 tcp from any to 192.168.0.1
> dst-port 80 in via tun0 setup keep-state
DO> I believe you'll find setup keep-state incompatible with natd.
Surprisingly, it works!
--
Best regards,
Vladimir
mailto:xvga@xxxxxxx
_______________________________________________
freebsd-ipfw@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@xxxxxxxxxxx"
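The behaviour Vladimir observed (a 'count' rule placed before the divert sees traffic, the same match placed after it sees nothing) is consistent with Dennis's suggestion that an earlier divert rule has already handed the packet to natd, so later rules only see translated addresses. The following toy model of ipfw rule walking is an added example, not code from the thread or from FreeBSD; PUBLIC_IP, the rule numbers other than 3800 and the packet are constructed placeholders.

```python
from dataclasses import dataclass, replace
PUBLIC_IP = "203.0.113.10"   # assumed public address on tun0 (placeholder)
LAN_SERVER = "192.168.0.1"   # LAN web server named in the thread
@dataclass(frozen=True)
class Pkt:
    src: str
    sport: int
    dst: str
    dport: int
    direction: str   # "in" or "out"

def natd(p: Pkt) -> Pkt:
    """natd model: masquerade outbound LAN sources behind PUBLIC_IP and
    port-forward inbound PUBLIC_IP:80 to the LAN server (assumed redirect)."""
    if p.direction == "out" and p.src.startswith("192.168."):
        return replace(p, src=PUBLIC_IP)
    if p.direction == "in" and (p.dst, p.dport) == (PUBLIC_IP, 80):
        return replace(p, dst=LAN_SERVER, dport=80)
    return p

def matches(rule: dict, p: Pkt) -> bool:
    # A rule's match dict lists only the fields it constrains ("any" = absent).
    return all(getattr(p, k) == v for k, v in rule["match"].items())

def run_ruleset(rules: list, pkt: Pkt):
    """Walk rules in number order: divert hands the packet to natd and resumes
    at the next rule (later rules see translated addresses); allow terminates."""
    counts = {r["num"]: 0 for r in rules}
    for r in sorted(rules, key=lambda r: r["num"]):
        if not matches(r, pkt):
            continue
        counts[r["num"]] += 1
        if r["action"] == "divert":
            pkt = natd(pkt)
        elif r["action"] == "allow":
            break
    return counts, pkt

def thread_scenario():
    """A reply from the LAN server leaving via tun0: the count rule at 50 (before
    the NAT divert) fires, the identical match at 3800 (after it) never does."""
    lan_reply = {"src": LAN_SERVER, "sport": 80, "direction": "out"}
    rules = [
        {"num": 50,   "action": "count",  "match": lan_reply},
        {"num": 100,  "action": "divert", "match": {"direction": "out"}},
        {"num": 3800, "action": "count",  "match": lan_reply},
        {"num": 5000, "action": "allow",  "match": {}},
    ]
    pkt = Pkt(LAN_SERVER, 80, "198.51.100.5", 40000, "out")  # constructed
    return run_ruleset(rules, pkt)
```

The same mechanism explains why a rule matching the LAN address on inbound traffic only works when it sits after the divert that rewrites the public destination to the LAN server.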