Hi James, Thanks for pointing that issue out, it has been fixed.
Regards, Bill Yuan On Tue, 15 Jun 2021 at 15:06, James Hobson <[email protected]> wrote: > Hello! > > I'm trying to test out the ipfw3 nat module and I can't seem to get > anything to work! The example on the mailing list seems to be out of date > (the nat command takes an ip now, not an interface) > > The setup is this: > External nic: em0. IP: 192.168.0.178/24 > Internal nic: igb0. IP: 172.23.0.1/24 > Computer attached to internal nic: 172.23.0.2/24 > > all IPs are static > > my script is as follows: > --------------------------------------------------------- > #!/bin/sh > > > INT="igb0" > EXT="em0" > > > if test -z "$(kldstat | grep ipfw3_nat.ko)"; then > kldload ipfw3_layer4 > fi > > if test -z "$(kldstat | grep ipfw3_layer4.ko)"; then > kldload ipfw3_layer4 > fi > > ipfw3 flush > > ipfw3 add allow all via $INT > > ipfw3 nat 1 config ip 192.168.0.178 > ipfw3 add nat 1 all via $EXT > ipfw3 nat 1 show state > > ipfw3 add deny all > --------------------------------------------------------- > > my rc.conf contains: > --------------------------------------------------------- > ifconfig_em0="inet 192.168.0.178/24" > ifconfig_igb0="inet 172.23.0.1/24" > gateway_enable=“YES" > -------------------------------------------------------- > > my sysctl.conf is: > -------------------------------------------------------- > net.inet.ip.forwarding=1 > net.filters_default_to_accept=1 > -------------------------------------------------------- > > But I cannot ping 8.8.8.8 from the computer attached to the internal nic! > What am I going wrong? > > James >
