I see "tun" in your ipnat rule. That means you are using ppp for phone dialup connection. Every time you lose your phone connection you get different IP from your ISP. Use NAT function of PPP and not ipnat and your problem will go away.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of caleb Sent: Friday, December 30, 2005 9:16 PM To: freebsd-questions@freebsd.org Subject: ipnat -CF -f /etc/ipnat.rules Hi everyone, I have just put together a router/firewall using 5.4 RELEASE and IPFILTER. Everything is working fine except I have to manually flush the NAT table every time the router boots. below is my rc.conf and ipnat.rules, I have used rc.conf to start everything at boot; /* rc.conf */ gateway_enable="YES" sshd_enable="YES" ifconfig_rl1="inet 10.0.0.1 netmask 255.255.255.0" ifconfig_rl0="inet 192.168.0.1 netmask 255.255.255.0" hostname="tweak" ipfilter_enable="YES" ipfilter_rules="/etc/ipf.rules" ipmon_enable="YES" ipmon_flags="-Ds" ipnat_enable="YES" ipnat_rules="/etc/ipnat.rules" ppp_enable="YES" ppp_mode="ddial" ppp_nat="NO" ppp_profile="netspace" ppp_user="root" /* ipnat.rules */ map tun0 192.168.0.0/24 -> 0/32 Is there something I am missing? I do not think it is ipf, as I have configured it to allow everything in and out. Could you please CC me if you decide to help. Thankyou, caleb -- There is no spoon _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"