1. S

    PF Redirect port from VPS to home server without using NAT

    HTTP(S) is just an example, I have many other services that wouldn't be able to communicate the real IP via a proxy, therefore PF solution is a must. I am referring to RDR and NAT as they are understood in the context of pf.conf (i.e. I mean the RDR and NAT statements). Both my VPS and Home...
  2. U

    Solved Passing all outbound trafic from Jail behind NAT

    I'm trying to pass all outbound traffic from Jails. I'm using IPFW, because it's default for FreeBSD. All Jails live on cloned lo1 interface, no VNET. How can I pass all outbound traffic from my Jails to the Internet through vtnet0 interface? PLEASE DELETE THIS THREAD.
  3. RevennaFox

    PBX Server Guru Help Needed

    I guess I should probably start by explaining what I'm trying to do. I have a pair of Grandstream HandyTone analog telephone adapters that I need to work with incoming and outgoing calls to a SIP trunking provider over Asterisk running on a remote FreeBSD server. The ATAs are behind NAT, the...
  4. I

    How to configure FreeBSD PC to Mac using an Ethernet crossover cable to access the Internet?

    I have: a router - with an internal IP address and is connected to the Internet. a Mac - has the IP address of Internet works, of course. a PC with FreeBSD 13 installed. I have connected the FreeBSD PC to the Mac using an Ethernet crossover cable. I have assigned...
  5. M

    PF Nat is not forwarding to jail

    I am using PF and cannot get packets forwarded to a particular jail. I want data that comes into my base machine on port 4243 to be forwarded to my jail that has a service that is listening on port 4243. I have verified with telnet that the jail can receive data on that port. Here is my...
  6. T

    Connection Tracker sources

    Hi, I'd wish to read and understand the source code used for tracking connection and feeding NAT. May someone point me to the right place in the source tree? Thanks, Claudio
  7. T

    Solved Update IPv6 routes on a gateway from upstream router advertisements?

    I'm running an AP that bridges traffic to my ISP. For various reasons, I'm running both IPv4 and IPv6 and I need to NAT traffic from the LAN to the ISP. For this reason, net.inet6.ip6.forwarding needs to be enabled. The usual solution for periodically updating the IPv6 gateway address seems to...
  8. T

    Solved Allowing selective traffic from/to wlan with -apbridge set (starting with ARP)

    I have an AP+bridge+firewall ("router") running FreeBSD 12.2-RELEASE r366954 GENERIC amd64. It's roughly set up as follows: - igb0 connects to my ISP via DHCP. (Disabled while I debug this.) - bridge0 has dnsmasq running on it as a DHCP server and DNS server. (Only dynamic addresses at the...
  9. T

    PF OpenVPN: access to client subnet

    I run into difficulties configuring OpenVPN server and client. Here is my setup: OpenVPN server on FreeBSD 12 server.conf port 1194 proto tcp dev tun...
  10. Londo

    IPFW IPFW and natd causing huge packet load

    Hello, First I wanted to give a shout out to everyone who has posted other problems and responses over the years - the knowledge base has helped tremendously. I'm here today to ask for pointers regarding IPFW and natd. Some background: I have a very old server that runs a business and is due...
  11. alwindoss

    Solved Unable to access internet from FreeBSD running as guest on virtualbox

    I am a new user of FreeBSD and I managed to install it on virtualbox as a guest after failing to install it directly on my laptop. I will do that after I gain confidence in FreeBSD on virtualbox. However after installation I am unable to access internet from the Guest FreeBSD. I have looked...
  12. R

    Jails setup with the external IP address on vtnet0

    Hello, I'm trying to setup jails on a Digital Ocean droplet by following the instructions in the handbook: The network configuration is like this: * vtnet0 with the external IP address, netmask 0xffff0000 (Digital Ocean's...
  13. S

    IPFW How to avoid CARP's IP interference with IPFW NAT rules?

    To pass traffic from a remote host to a service behind the NAT on the box with IP I have a standard set of rules: 00812 nat 82 tcp from to 48888 in via igb0 00822 allow tcp from to 48888 in via igb0 00832 nat 82 tcp from...
  14. I

    Solved Wireguard setup (with PF problems)

    Hi there, I'm sort of a new user with FreeBSD, so please excuse me if you see some glaring error in my thinking/configs (I'm a Linux admin so there are differences I'm counting on). :) So here is my problem - I would like to set up Wireguard on FreeBSD 12, which is mostly done, I think, the...
  15. K

    Solved ipfw + NAT mystery

    So I just learned that there's two methods to doing NAT in FreeBSD. The apparently old natd + divert way, which is documented in the handbook, and the new in-kernel ipfw+nat way, that is randomly documented by Google. Is anyone ever going to update the handbook to over ipfw+NAT? The man page...
  16. L

    FreeBSD Policy Based Routing with ipfw nat + fwd using 2 or more Poor Man's ssh VPNs

    Hello, thanks to the posts that I found on this forum, I could implement a gateway in FreeBSD that allows me to do flexible policy routing through different interfaces. I'm going to share. System: FreeBSD freebsd 12.0-STABLE FreeBSD 12.0-STABLE r346132 NEWKERNEL amd64 NEWKERNEL compiled...
  17. H

    Dynamic NAT from pool on FreeBSD

    Good day, I have a FreeBSD 8.1 server installed and connected to network. (See topology screenshot). I need to masquarade the PC ip on FreeBSD to, not to On router the the source traffic must been from, not from Is it possible? I tried with...
  18. U

    no NAT/routing through iocage OpenVPN gateway jail/host

    Hi folks, I'm somewhat of a *BSD novice, having rather used various builds for appliance devices, such as pfSense, opnSense, FreeNAS, etc. I've recently set up a new FreeNAS box from scratch, and built/building a jail for the express purpose of maintaining OpenVPN client connections, and then...
  19. S

    PF Jails with NAT

    I'm trying to set up an Ampache media server at home and am taking the opportunity to learn how to use jails on FreeBSD. I'm trying to set up jails on a separate loopback network on the host and use the NAT features of PF to direct the traffic where it should go. I've tried following multiple...
  20. R

    PF PF config for double NAT jail host

    I think that I'm being somewhat ambitious and I'm finding that I'm getting some horrible issues as a result. Firstly, what I'm trying to achieve. The way that I have tried to set up this network in the past was that the router was in the DMZ and that it passed some traffic (HTTP/S) through to...