How do I get the fixed version? Is this a classic rebuild from git head? James
On 21 Jun 2021, at 17:38, Bill Yuan <[email protected]> wrote: Hi James, Thanks for pointing that issue out, it has been fixed. Regards, Bill Yuan On Tue, 15 Jun 2021 at 15:06, James Hobson <[email protected]<mailto:[email protected]>> wrote: Hello! I'm trying to test out the ipfw3 nat module and I can't seem to get anything to work! The example on the mailing list seems to be out of date (the nat command takes an ip now, not an interface) The setup is this: External nic: em0. IP: 192.168.0.178/24<http://192.168.0.178/24> Internal nic: igb0. IP: 172.23.0.1/24<http://172.23.0.1/24> Computer attached to internal nic: 172.23.0.2/24<http://172.23.0.2/24> all IPs are static my script is as follows: --------------------------------------------------------- #!/bin/sh INT="igb0" EXT="em0" if test -z "$(kldstat | grep ipfw3_nat.ko)"; then kldload ipfw3_layer4 fi if test -z "$(kldstat | grep ipfw3_layer4.ko)"; then kldload ipfw3_layer4 fi ipfw3 flush ipfw3 add allow all via $INT ipfw3 nat 1 config ip 192.168.0.178 ipfw3 add nat 1 all via $EXT ipfw3 nat 1 show state ipfw3 add deny all --------------------------------------------------------- my rc.conf contains: --------------------------------------------------------- ifconfig_em0="inet 192.168.0.178/24<http://192.168.0.178/24>" ifconfig_igb0="inet 172.23.0.1/24<http://172.23.0.1/24>" gateway_enable=“YES" -------------------------------------------------------- my sysctl.conf is: -------------------------------------------------------- net.inet.ip.forwarding=1 net.filters_default_to_accept=1 -------------------------------------------------------- But I cannot ping 8.8.8.8 from the computer attached to the internal nic! What am I going wrong? James
