On 28/11/2015 05:03, Thomas wrote: > Aren't your regular NAT rules in NAT instance 1? That command will > overwrite those and leave just the new ones. > > If that's the case, you can put those rules in a different NAT instance, > or add them to the rest of your NAT rules. > > > Wed, Nov 25, 2015 at 04:00:12PM +1100, Graham Menhennitt: >> Hello IPFWers, >> >> I have a box running FreeBSD 10-stable that I use as a >> router/firewall/NAT. It runs IPFW and uses kernel NAT. My son is nagging >> me about playing multi-player online games on his Sony PS4. >> >> From what I've read, I could enable UPnP. But I've tried compiling the >> net/miniupnpd port but it won't build for IPFW (and I don't want to >> convert to PF). >> >> Giving up on that, I'm now trying to enable port forwarding - >> apparently, this will fix it. I've allocated the PS4 a static IP address >> on my LAN. I need to port forward TCP ports 80, 443, 1935, 3478-3480, >> and UDP ports 3478-3479. I've tried the following command: >> >> ... >> but that completely kills my Internet connection for all other uses (and >> the PS4 still doesn't work!). >> Thanks for responding, Thomas. You're right - that's what's killing my Internet connection. I've changed the command to:
ipfw nat 1 config if re1 same_ports \ redirect_port tcp ${PS4_LAN_ADDRESS}:80 80 \ redirect_port tcp ${PS4_LAN_ADDRESS}:443 443 \ redirect_port tcp ${PS4_LAN_ADDRESS}:1935 1935 \ redirect_port tcp ${PS4_LAN_ADDRESS}:3478 3478 \ redirect_port tcp ${PS4_LAN_ADDRESS}:3479 3479 \ redirect_port tcp ${PS4_LAN_ADDRESS}:3480 3480 \ redirect_port udp ${PS4_LAN_ADDRESS}:3478 3478 \ redirect_port udp ${PS4_LAN_ADDRESS}:3479 3479 At least it doesn't kill anything now. But the PS4 still doesn't work. When I do "Test internet connection" on it, it says "NAT: Failed". For a DMZ, I need a separate network for the PS4 - is that right? That means a separate physical connection (i.e. WAP or cable). Thanks again, Graham _______________________________________________ freebsd-ipfw@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"